sdm

package module
v8.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 20, 2024 License: Apache-2.0 Imports: 21 Imported by: 3

README

strongDM SDK for Go

This is the official strongDM SDK for the Go programming language.

Learn more with our 📚strongDM API docs or 📓browse the SDK reference.

Installation

$ go get github.com/strongdm/strongdm-sdk-go/v6

strongDM uses semantic versioning. We do not guarantee compatibility between major versions. Be sure to use version constraints to pin your dependency to the desired major version of the strongDM SDK.

Authentication

If you don't already have them you will need to generate a set of API keys, instructions are here: API Credentials

Add the keys as environment variables; the SDK will need to access these keys for every request.

$ export SDM_API_ACCESS_KEY=<YOUR ACCESS KEY>
$ export SDM_API_SECRET_KEY=<YOUR SECRET KEY>

List Users

The following code lists all registered users:

func main() {
	log.SetFlags(0)
	accessKey := os.Getenv("SDM_API_ACCESS_KEY")
	secretKey := os.Getenv("SDM_API_SECRET_KEY")
	if accessKey == "" || secretKey == "" {
		log.Fatal("SDM_API_ACCESS_KEY and SDM_API_SECRET_KEY must be provided")
	}

	client, err := sdm.New(accessKey, secretKey)
	if err != nil {
		log.Fatal("failed to create strongDM client:", err)
	}

	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	users, err := client.Accounts().List(ctx, "")
	if err != nil {
		log.Fatal("failed to query accounts:", err)
	}
	for users.Next() {
		user := users.Value()
		fmt.Println(user)
	}
	if err := users.Err(); err != nil {
		log.Fatal("error while iterating users:", err)
	}
}

License

Apache 2

Contributing

Currently, we are not accepting pull requests directly to this repository, but our users are some of the most resourceful and ambitious folks out there. So, if you have something to contribute, find a bug, or just want to give us some feedback, please email support@strongdm.com.

Documentation

Overview

Package sdm implements an API client to strongDM restful API.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source
const (
	PermissionLevelRootAdmin       = "root-admin"
	PermissionLevelAdmin           = "admin"
	PermissionLevelDatabaseAdmin   = "database-admin"
	PermissionLevelTeamLeader      = "multi-team-leader"
	PermissionLevelUser            = "user"
	PermissionLevelAuditor         = "auditor"
	PermissionLevelRelay           = "relay"
	PermissionLevelAdminToken      = "admin-token"
	PermissionLevelSCIMToken       = "scim-token"
	PermissionLevelServiceNowToken = "servicenow-token"
	PermissionLevelService         = "service"
	PermissionLevelSuspended       = "suspended"
	PermissionLevelEmpty           = ""
)

Permission Levels, shared by all entities capable of making authenticated requests against StrongDM.

View Source
const (
	NodeStateNew              = "new"
	NodeStateVerifyingRestart = "verifying_restart"
	NodeStateAwaitingRestart  = "awaiting_restart"
	NodeStateRestarting       = "restarting"
	NodeStateStarted          = "started"
	NodeStateStopped          = "stopped"
	NodeStateDead             = "dead"
)

Node Lifecycle States, defining whether a node was last reported online, offline, restarting, etc.

View Source
const (
	ProviderNone      = ""
	ProviderOkta      = "okta"
	ProviderSailPoint = "sailpoint"
	ProviderAzure     = "azure"
	ProviderGeneric   = "generic"
	ProviderOneLogin  = "onelogin"
	ProviderGoogle    = "google"
)

Providers responsible for managing roles and users. None, or an empty string, implies the user is managed by strongDM. Deprecated: Please use SCIMProvider instead.

View Source
const (
	SCIMProviderNone      = ""
	SCIMProviderOkta      = "okta"
	SCIMProviderSailPoint = "sailpoint"
	SCIMProviderAzure     = "azure"
	SCIMProviderGeneric   = "generic"
	SCIMProviderOneLogin  = "onelogin"
	SCIMProviderGoogle    = "google"
)

Providers responsible for managing roles and users. None, or an empty string, implies the user is managed by strongDM.

View Source
const (
	AuthProviderAzure           = "azure"
	AuthProviderBitium          = "bitium"
	AuthProviderGoogle          = "google"
	AuthProviderOkta            = "okta"
	AuthProviderStrongDM        = "strongdm"
	AuthProviderActiveDirectory = "active directory"
	AuthProviderGenericOIDC     = "generic oidc"
	AuthProviderOneLoginOIDC    = "oneloginv2"
	AuthProviderKeycloak        = "keycloak"
	AuthProviderShibboleth      = "shibboleth"
	AuthProviderAuth0           = "auth0"
	AuthProviderWorkspaceOne    = "workspace one"
	AuthProviderOneLoginSAML    = "onelogin-saml"
	AuthProviderGenericSAML     = "generic-saml"
	AuthProviderPingIDSAML      = "ping-identity-saml"
)

Providers responsible for SSO authentication.

View Source
const (
	MFAProviderNone = ""
	MFAProviderDuo  = "duo"
	MFAProviderTOTP = "totp"
	MFAProviderOkta = "okta"
)

Providers responsible for multi-factor authentication

View Source
const (
	ActivityEntityTypeUser                 = "user"
	ActivityEntityTypeRole                 = "role"
	ActivityEntityTypeLegacyCompositeRole  = "composite_role"
	ActivityEntityTypeDatasource           = "datasource"
	ActivityEntityTypeOrganization         = "organization"
	ActivityEntityTypeInstallation         = "installation"
	ActivityEntityTypeSecretStore          = "secretstore"
	ActivityEntityTypeRemoteIdentityGroup  = "remote_identity_group"
	ActivityEntityTypeRemoteIdentity       = "remote_identity"
	ActivityEntityTypeAccessRequest        = "access_request"
	ActivityEntityTypeWorkflow             = "workflow"
	ActivityEntityTypeNode                 = "node"
	ActivityEntityTypePeeringGroup         = "peering_group"
	ActivityEntityTypePeeringGroupNode     = "peering_group_node"
	ActivityEntityTypePeeringGroupResource = "peering_group_resource"
	ActivityEntityTypePeeringGroupPeer     = "peering_group_peer"
)

Activity Entities, all entity types that can be part of an activity.

View Source
const (
	ActivityVerbUserAdded                                        = "user added"
	ActivityVerbUserDeleted                                      = "user deleted"
	ActivityVerbUserUpdated                                      = "user updated"
	ActivityVerbUserSignup                                       = "user signup"
	ActivityVerbUserTypeChanged                                  = "user type changed"
	ActivityVerbUserTemporaryAccessGranted                       = "user temporary access granted"
	ActivityVerbUserTemporaryAccessRevoked                       = "user temporary access revoked"
	ActivityVerbUserTemporaryAccessExpired                       = "user temporary access expired"
	ActivityVerbUserAddedToRole                                  = "user added to role"
	ActivityVerbUserDeletedFromRole                              = "user deleted from role"
	ActivityVerbUserSuspended                                    = "user suspended"
	ActivityVerbUserReinstated                                   = "user reinstated"
	ActivityVerbUserLoggedIntoTheUI                              = "user logged into the Admin UI"
	ActivityVerbParentAdminLoggedIntoChildOrg                    = "parent admin logged into the child org"
	ActivityVerbUserLoggedIntoTheClient                          = "user logged into the local client"
	ActivityVerbServiceAccountCreated                            = "service account created"
	ActivityVerbServiceAccountExpired                            = "service account expired"
	ActivityVerbAdminTokenAdded                                  = "admin token created"
	ActivityVerbAdminTokenDeleted                                = "admin token deleted"
	ActivityVerbAdminTokenExpired                                = "admin token expired"
	ActivityVerbAdminTokenRekeyed                                = "admin token rekeyed"
	ActivityVerbAdminTokenCloned                                 = "admin token cloned"
	ActivityVerbAdminTokenSuspended                              = "admin token suspended"
	ActivityVerbAdminTokenReinstated                             = "admin token reinstated"
	ActivityVerbSSOUserLoggedIntoTheUI                           = "user logged into the Admin UI using SSO"
	ActivityVerbSSOUserLoggedIntoTheClient                       = "user logged into the local client using SSO"
	ActivityVerbUserLoggedOutFromTheClient                       = "user logged out from the local client"
	ActivityVerbUserLoggedOutFromTheUI                           = "user logged out from the Admin UI"
	ActivityVerbFailedLoginFromTheUI                             = "failed login attempt from the Admin UI"
	ActivityVerbFailedLoginFromTheClient                         = "failed login attempt from the local client"
	ActivityVerbMFADeniedFromTheUI                               = "MFA denied access for the Admin UI"
	ActivityVerbMFADeniedFromTheClient                           = "MFA denied access for the local client"
	ActivityVerbTooManyAttemptsLockout                           = "user account locked due to failed login attempts"
	ActivityVerbAttemptCounterReset                              = "failed login attempt counter reset"
	ActivityVerbSuspendedUserLoginAttemptFromTheClient           = "attempt to login by a suspended user from the local client"
	ActivityVerbSuspendedUserLoginAttemptFromTheUI               = "attempt to login by a suspended user from the Admin UI"
	ActivityVerbServiceAccountLoginAttemptFromTheUI              = "attempted to login by a service account from the Admin UI"
	ActivityVerbSuspendedServiceAccountLoginAttemptFromTheUI     = "attempted to login by a suspended service account from the Admin UI"
	ActivityVerbSuspendedServiceAccountLoginAttemptFromTheClient = "attempt to login by a suspended service account from the local client"
	ActivityVerbUserSetAPassword                                 = "user set a password"
	ActivityVerbUserResetAPassword                               = "user reset their password"
	ActivityVerbUserChangedPassword                              = "user changed their password"
	ActivityVerbUserInvited                                      = "user invited"
	ActivityVerbUserClickedInvitation                            = "user clicked on their invitation"
	ActivityVerbUserClickedPasswordReset                         = "user clicked on their password reset"
	ActivityVerbUserAllowPasswordLogin                           = "user allowed to login via password"
	ActivityVerbUserRequireSSOLogin                              = "user required to login via SSO"
	ActivityVerbUserProvisioningEnabled                          = "user provisioning enabled"
	ActivityVerbUserProvisioningDisabled                         = "user provisioning disabled"
	ActivityVerbAdminInitiatedPasswordReset                      = "admin initiated password reset"
	ActivityVerbRoleAdded                                        = "role added"
	ActivityVerbRoleDeleted                                      = "role deleted"
	ActivityVerbRoleUpdated                                      = "role updated"
	ActivityVerbRoleAccessRulesUpdated                           = "access rules updated"
	ActivityVerbRoleAccessRulesCreated                           = "access rules created"
	ActivityVerbRoleAccessRulesDeleted                           = "access rules deleted"
	ActivityVerbRoleProvisioningEnabled                          = "role provisioning enabled"
	ActivityVerbRoleProvisioningDisabled                         = "role provisioning disabled"
	ActivityVerbDatasourceAdded                                  = "datasource added"
	ActivityVerbDatasourceCloned                                 = "datasource cloned"
	ActivityVerbDatasourceDeleted                                = "datasource deleted"
	ActivityVerbDatasourceUpdated                                = "datasource updated"
	ActivityVerbDatasourcePortOverride                           = "datasource connection port overriden"
	ActivityVerbMultipleDatasourcePortOverride                   = "multiple datasource ports overriden"
	ActivityVerbServerAdded                                      = "server added"
	ActivityVerbServerCloned                                     = "server cloned"
	ActivityVerbServerDeleted                                    = "server deleted"
	ActivityVerbServerUpdated                                    = "server updated"
	ActivityVerbServerPortOverride                               = "server connection port overriden"
	ActivityVerbMultipleServerPortOverride                       = "multiple server ports overriden"
	ActivityVerbClusterAdded                                     = "cluster added"
	ActivityVerbClusterCloned                                    = "cluster cloned"
	ActivityVerbClusterDeleted                                   = "cluster deleted"
	ActivityVerbClusterUpdated                                   = "cluster updated"
	ActivityVerbClusterPortOverride                              = "cluster connection port overriden"
	ActivityVerbMultipleClusterPortOverride                      = "multiple cluster ports overriden"
	ActivityVerbCloudAdded                                       = "cloud added"
	ActivityVerbCloudCloned                                      = "cloud cloned"
	ActivityVerbCloudDeleted                                     = "cloud deleted"
	ActivityVerbCloudUpdated                                     = "cloud updated"
	ActivityVerbWebsiteAdded                                     = "website added"
	ActivityVerbWebsiteCloned                                    = "website cloned"
	ActivityVerbWebsiteDeleted                                   = "website deleted"
	ActivityVerbWebsiteUpdated                                   = "website updated"
	ActivityVerbInstallationCreated                              = "installation created"
	ActivityVerbRelayInstallationCreated                         = "installation created for relay"
	ActivityVerbInstallationApproved                             = "installation approved"
	ActivityVerbInstallationRevoked                              = "installation revoked"
	ActivityVerbRelayCreated                                     = "relay created"
	ActivityVerbRelayUpdatedName                                 = "relay name updated"
	ActivityVerbRelayDeleted                                     = "relay deleted"
	ActivityVerbOrgPublicKeyUpdated                              = "public key updated"
	ActivityVerbOrgDiscardReplaysUpdated                         = "discard replays updated"
	ActivityVerbOrgEnforcePortOverridesUpdated                   = "port override enforcement updated"
	ActivityVerbOrgServiceAutoConnectUpdated                     = "service account auto-connect updated"
	ActivityVerbOrgSelfRegistrationActivated                     = "self-registration activated"
	ActivityVerbOrgSelfRegistrationDeactivated                   = "self-registration deactivated"
	ActivityVerbOrgNameUpdated                                   = "organization name updated"
	ActivityVerbOrgSettingUpdated                                = "organization setting updated"
	ActivityVerbOrgLogSyncSettingUpdated                         = "organization log stream setting updated"
	ActivityVerbOrgWorkflowSettingUpdated                        = "organization workflow setting updated"
	ActivityVerbOrgCreated                                       = "organization created"
	ActivityVerbOrgSCIMProvisioningUpdated                       = "SCIM provider set"
	ActivityVerbOrgSCIMProvisioningDeleted                       = "SCIM provider deleted"
	ActivityVerbOrgCustomProvisioningUpdated                     = "Provisioning provider set"
	ActivityVerbOrgCustomProvisioningDeleted                     = "Provisioning provider deleted"
	ActivityVerbChildOrgAdminInvited                             = "child organization admin invited"
	ActivityVerbServiceAccountRekeyed                            = "service account rekeyed"
	ActivityVerbSCIMTokenAdded                                   = "SCIM token created"
	ActivityVerbSCIMTokenDeleted                                 = "SCIM token deleted"
	ActivityVerbSCIMTokenRekeyed                                 = "SCIM token rekeyed"
	ActivityVerbAPIKeyDeleted                                    = "API key deleted"
	ActivityVerbOrgSSHCertificateAuthorityRotated                = "organization SSH certificate authority rotated"
	ActivityVerbOrgSSHAllowPortForwarding                        = "allowed SSH port forwarding"
	ActivityVerbOrgSSHDisallowPortForwarding                     = "disallowed SSH port forwarding"
	ActivityVerbOrgAddChild                                      = "add child organization"
	ActivityVerbOrgRemoveChild                                   = "remove child organization"
	ActivityVerbOrgExtendTrial                                   = "trial extended"
	ActivityVerbSecretStoreAdded                                 = "secret store added"
	ActivityVerbSecretStoreUpdated                               = "secret store updated"
	ActivityVerbSecretStoreDeleted                               = "secret store deleted"
	ActivityVerbRemoteIdentityGroupCreated                       = "remote identity group created"
	ActivityVerbRemoteIdentityGroupUpdated                       = "remote identity group updated"
	ActivityVerbRemoteIdentityGroupDeleted                       = "remote identity group deleted"
	ActivityVerbIdentitySetProvisioningEnabled                   = "identity set provisioning enabled"
	ActivityVerbIdentitySetProvisioningDisabled                  = "identity set provisioning disabled"
	ActivityVerbRemoteIdentityCreated                            = "remote identity created"
	ActivityVerbRemoteIdentityUpdated                            = "remote identity updated"
	ActivityVerbRemoteIdentityDeleted                            = "remote identity deleted"
	ActivityVerbIdentityAliasProvisioningEnabled                 = "identity alias provisioning enabled"
	ActivityVerbIdentityAliasProvisioningDisabled                = "identity alias provisioning disabled"
	ActivityVerbAccessRequestedToResource                        = "access requested to resource"
	ActivityVerbAccessRequestToResourceApprovalAdded             = "access request to resource approval added"
	ActivityVerbAccessRequestToResourceCanceled                  = "access request to resource canceled"
	ActivityVerbAccessRequestToResourceDenied                    = "access request to resource denied"
	ActivityVerbAccessRequestToResourceTimedOut                  = "access request to resource timed out"
	ActivityVerbAccessRequestToResourceGranted                   = "access request to resource granted"
	ActivityVerbAccessRequestToResourceGrantedAutomatically      = "access request to resource granted automatically"
	ActivityVerbOrgVNMSubnetUpdated                              = "organization VNM subnet updated"
	ActivityVerbOrgVNMResourcesAllocated                         = "organization resources allocated within VNM subnet"
	ActivityVerbDeprecatedOrgActivateDeviceApproval              = "activate device approval"
	ActivityVerbDeprecatedOrgDeactivateDeviceApproval            = "deactivate device approval"
	ActivityVerbEmulationMigrationCompleted                      = "emulation migration completed"
	ActivityVerbAccessOverhaulMigrationCompleted                 = "access overhaul migration completed"
	ActivityVerbActivatedSSHPortForwardingAllServer              = "enabled SSH port forwarding on all servers"
	ActivityVerbTOTPEnrollmentAdded                              = "user enrolled a totp device"
	ActivityVerbTOTPEnrollmentDeleted                            = "user reset their totp enrollment"
	ActivityVerbSuspendedUserEnrollAttemptFromTheUI              = "attempt to enroll by a suspended user from the Admin UI"
	ActivityVerbResourceLocked                                   = "user locked a resource"
	ActivityVerbResourceUnlocked                                 = "user unlocked a resource"
	ActivityVerbResourceForceUnlocked                            = "admin force-unlocked a resource"
	ActivityVerbOrgIntegrationInstalled                          = "org integration installed"
	ActivityVerbUserIntegrationAuthorized                        = "user authorized integration"
	ActivityVerbOrgIntegrationUninstalled                        = "org integration uninstalled"
	ActivityVerbUserIntegrationDeauthorized                      = "user deauthorized integration"
)

Activity Verbs, describe which kind of activity has taken place.

View Source
const (
	PermissionRelayList                              = "relay:list"
	PermissionRelayCreate                            = "relay:create"
	PermissionDatasourceList                         = "datasource:list"
	PermissionDatasourceCreate                       = "datasource:create"
	PermissionDatasourceHealthcheck                  = "datasource:healthcheck"
	PermissionDeprecatedDatasourceGrant              = "datasource:grant"
	PermissionDatasourceDelete                       = "datasource:delete"
	PermissionDatasourceUpdate                       = "datasource:update"
	PermissionResourceLockDelete                     = "resourcelock:delete"
	PermissionResourceLockList                       = "resourcelock:list"
	PermissionSecretStoreCreate                      = "secretstore:create"
	PermissionSecretStoreList                        = "secretstore:list"
	PermissionSecretStoreDelete                      = "secretstore:delete"
	PermissionSecretStoreUpdate                      = "secretstore:update"
	PermissionSecretStoreStatus                      = "secretstore:status"
	PermissionRemoteIdentityGroupWrite               = "remoteidentitygroup:write"
	PermissionRemoteIdentityGroupRead                = "remoteidentitygroup:read"
	PermissionRemoteIdentityWrite                    = "remoteidentity:write"
	PermissionRemoteIdentityRead                     = "remoteidentity:read"
	PermissionUserCreate                             = "user:create"
	PermissionUserList                               = "user:list"
	PermissionUserUpdateAdmin                        = "user:update_admin"
	PermissionUserCreateAdminToken                   = "user:create_admin_token"
	PermissionUserCreateServiceAccount               = "user:create_service_account"
	PermissionUserSetPermissionLevel                 = "user:set_strong_role"
	PermissionUserUpdate                             = "user:update"
	PermissionUserInitiatePasswordReset              = "user:initiate_password_reset"
	PermissionUserDelete                             = "user:delete"
	PermissionUserAssign                             = "user:assign"
	PermissionUserSuspend                            = "user:suspend"
	PermissionDemoProvisioningRequestCreate          = "demoprovisioningrequest:create"
	PermissionDemoProvisioningRequestList            = "demoprovisioningrequest:list"
	PermissionRoleList                               = "role:list"
	PermissionRoleCreate                             = "role:create"
	PermissionRoleDelete                             = "role:delete"
	PermissionRoleUpdate                             = "role:update"
	PermissionOrgViewSettings                        = "organization:view_settings"
	PermissionOrgEditSettings                        = "organization:edit_settings"
	PermissionOrgDeploymentDoctor                    = "organization:deployment_doctor"
	PermissionOrgListChildren                        = "organization:list_children"
	PermissionOrgCreateChildOrganization             = "organization:create_child_organization"
	PermissionOrgAuditUsers                          = "audit:users"
	PermissionOrgAuditRoles                          = "audit:roles"
	PermissionOrgAuditDatasources                    = "audit:datasources"
	PermissionOrgAuditNodes                          = "audit:nodes"
	PermissionOrgAuditPermissions                    = "audit:permissions"
	PermissionOrgAuditQueries                        = "audit:queries"
	PermissionOrgAuditActivities                     = "audit:activities"
	PermissionOrgAuditSSH                            = "audit:ssh"
	PermissionOrgAuditAccountGrants                  = "audit:accountgrants"
	PermissionOrgAuditOrg                            = "audit:organization"
	PermissionOrgAuditRemoteIdentities               = "audit:remoteidentities"
	PermissionOrgAuditRemoteIdentityGroups           = "audit:remoteidentitygroups"
	PermissionOrgAuditSecretStores                   = "audit:secretstores"
	PermissionOrgAuditWorkflows                      = "audit:workflows"
	PermissionOrgAuditApprovalFlows                  = "audit:approvalflows"
	PermissionOrgAuditAccessRequests                 = "audit:accessrequests"
	PermissionWorkflowList                           = "workflow:list"
	PermissionWorkflowEdit                           = "workflow:edit"
	PermissionAccessRequestEdit                      = "accessrequest:edit"
	PermissionAccessRequestList                      = "accessrequest:list"
	PermissionAccessRequestRequester                 = "accessrequest:requester"
	PermissionGlobalRDPRender                        = "rdp:render"
	PermissionGlobalQueryBucketTracker               = "query:bucket_tracker"
	PermissionGlobalAssetsGetLatestVersionCommitHash = "assets:get_latest_version_commit_hash"
	PermissionGlobalSDMOSService                     = "sdmos:service"
	PermissionGlobalSDMOSDeployment                  = "sdmos:deployment"
	PermissionGlobalSDMOSRelease                     = "sdmos:release"
	PermissionGlobalDemoProvisioner                  = "demo:provision"
	PermissionInstallationBless                      = "installation:bless"
	PermissionInstallationCreate                     = "installation:create"
	PermissionInstallationRevoke                     = "installation:revoke"
	PermissionTestingOrgCreate                       = "testing:organization:create"
	PermissionTestingOrgDelete                       = "testing:organization:delete"
	PermissionTestingNoPermissions                   = "testing:noperms"
	PermissionTestingFetchQueries                    = "testing:queries:get"
	PermissionGrantRead                              = "grant:read"
	PermissionGrantWrite                             = "grant:write"
	PermissionReportRead                             = "report:read"
	PermissionBillingRead                            = "billing:read"
	PermissionCredentialRead                         = "credential:read"
	PermissionCredentialWrite                        = "credential:write"
)

Permissions, all permissions that may be granted to an account.

View Source
const (
	QueryCategoryKubernetes  = "k8s"
	QueryCategoryDatasources = "queries"
	QueryCategoryRDP         = "rdp"
	QueryCategorySSH         = "ssh"
	QueryCategoryWeb         = "web"
	QueryCategoryCloud       = "cloud"
	QueryCategoryAll         = "all"
)

Query Categories, all the categories of resource against which queries are logged.

View Source
const (
	LogRemoteEncoderStrongDM = "strongdm"
	LogRemoteEncoderPubKey   = "pubkey"
	LogRemoteEncoderHash     = "hash"
)

LogRemoteEncoder defines the encryption encoder for the queries are stored in the API.

View Source
const (
	LogLocalStorageStdout = "stdout"
	LogLocalStorageFile   = "file"
	LogLocalStorageTCP    = "tcp"
	LogLocalStorageSocket = "socket"
	LogLocalStorageSyslog = "syslog"
	LogLocalStorageNone   = "none"
)

LogLocalStorage defines how queries are stored locally.

View Source
const (
	LogLocalEncoderPlaintext = "plaintext"
	LogLocalEncoderPubKey    = "pubkey"
)

LogLocalEncoder defines the encryption encoder for queries are stored locally in the relay.

View Source
const (
	LogLocalFormatCSV  = "csv"
	LogLocalFormatJSON = "json"
)

LogLocalFormat defines the format the queries are stored locally in the relay.

View Source
const (
	OrgKindSolo  = "solo"
	OrgKindRoot  = "root"
	OrgKindChild = "child"
)

OrgKind defines the types of organizations that may exist.

View Source
const (
	SSHKeyTypeRSA_2048  = "rsa-2048"
	SSHKeyTypeRSA_4096  = "rsa-4096"
	SSHKeyTypeECDSA_256 = "ecdsa-256"
	SSHKeyTypeECDSA_384 = "ecdsa-384"
	SSHKeyTypeECDSA_521 = "ecdsa-521"
	SSHKeyTypeED25519   = "ed25519"
)

KeyType defines the supported SSH key types

View Source
const (
	CaptureTypeShell          = "shell"
	CaptureTypeScpUpload      = "scp-upload"
	CaptureTypeScpDownload    = "scp-download"
	CaptureTypeCommand        = "command"
	CaptureTypeRDPBasic       = "rdp-basic"
	CaptureTypeRDPEnhanced    = "rdp-enhanced"
	CaptureTypeK8sExec        = "k8s-exec"
	CaptureTypeK8sExecTTY     = "k8s-execTTY"
	CaptureTypeK8sPortForward = "k8s-portForward"
	CaptureTypeK8sCPUpload    = "k8s-cp-upload"
	CaptureTypeK8sCPDownload  = "k8s-cp-download"
	CaptureTypeK8sDescribe    = "k8s-describe"
	CaptureTypeK8sGet         = "k8s-get"
	CaptureTypeK8sDelete      = "k8s-delete"
	CaptureTypeK8sGeneric     = "k8s-generic"
	CaptureTypeK8sApply       = "k8s-apply"
	CaptureTypeSSHPortForward = "ssh-portForward"
)

CaptureType designates what type of SSH/RDP/K8s capture we have.

View Source
const (
	DevicePostureProviderNone        = ""
	DevicePostureProviderSentinelOne = "sentinelone"
	DevicePostureProviderCrowdStrike = "crowdstrike"
)

Providers responsible for device posture enforcement

Variables

This section is empty.

Functions

This section is empty.

Types

type AKS

type AKS struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The certificate to authenticate TLS connections with.
	ClientCertificate string `json:"clientCertificate"`
	// The key to authenticate TLS connections with.
	ClientKey string `json:"clientKey"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AKS) GetBindInterface

func (m *AKS) GetBindInterface() string

GetBindInterface returns the bind interface of the AKS.

func (*AKS) GetEgressFilter

func (m *AKS) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AKS.

func (*AKS) GetID

func (m *AKS) GetID() string

GetID returns the unique identifier of the AKS.

func (*AKS) GetName

func (m *AKS) GetName() string

GetName returns the name of the AKS.

func (*AKS) GetSecretStoreID

func (m *AKS) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AKS.

func (*AKS) GetTags

func (m *AKS) GetTags() Tags

GetTags returns the tags of the AKS.

func (*AKS) SetBindInterface

func (m *AKS) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AKS.

func (*AKS) SetEgressFilter

func (m *AKS) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AKS.

func (*AKS) SetName

func (m *AKS) SetName(v string)

SetName sets the name of the AKS.

func (*AKS) SetSecretStoreID

func (m *AKS) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AKS.

func (*AKS) SetTags

func (m *AKS) SetTags(v Tags)

SetTags sets the tags of the AKS.

type AKSBasicAuth

type AKSBasicAuth struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AKSBasicAuth) GetBindInterface

func (m *AKSBasicAuth) GetBindInterface() string

GetBindInterface returns the bind interface of the AKSBasicAuth.

func (*AKSBasicAuth) GetEgressFilter

func (m *AKSBasicAuth) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AKSBasicAuth.

func (*AKSBasicAuth) GetID

func (m *AKSBasicAuth) GetID() string

GetID returns the unique identifier of the AKSBasicAuth.

func (*AKSBasicAuth) GetName

func (m *AKSBasicAuth) GetName() string

GetName returns the name of the AKSBasicAuth.

func (*AKSBasicAuth) GetSecretStoreID

func (m *AKSBasicAuth) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AKSBasicAuth.

func (*AKSBasicAuth) GetTags

func (m *AKSBasicAuth) GetTags() Tags

GetTags returns the tags of the AKSBasicAuth.

func (*AKSBasicAuth) SetBindInterface

func (m *AKSBasicAuth) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AKSBasicAuth.

func (*AKSBasicAuth) SetEgressFilter

func (m *AKSBasicAuth) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AKSBasicAuth.

func (*AKSBasicAuth) SetName

func (m *AKSBasicAuth) SetName(v string)

SetName sets the name of the AKSBasicAuth.

func (*AKSBasicAuth) SetSecretStoreID

func (m *AKSBasicAuth) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AKSBasicAuth.

func (*AKSBasicAuth) SetTags

func (m *AKSBasicAuth) SetTags(v Tags)

SetTags sets the tags of the AKSBasicAuth.

type AKSServiceAccount

type AKSServiceAccount struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The API token to authenticate with.
	Token string `json:"token"`
}

func (*AKSServiceAccount) GetBindInterface

func (m *AKSServiceAccount) GetBindInterface() string

GetBindInterface returns the bind interface of the AKSServiceAccount.

func (*AKSServiceAccount) GetEgressFilter

func (m *AKSServiceAccount) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AKSServiceAccount.

func (*AKSServiceAccount) GetID

func (m *AKSServiceAccount) GetID() string

GetID returns the unique identifier of the AKSServiceAccount.

func (*AKSServiceAccount) GetName

func (m *AKSServiceAccount) GetName() string

GetName returns the name of the AKSServiceAccount.

func (*AKSServiceAccount) GetSecretStoreID

func (m *AKSServiceAccount) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AKSServiceAccount.

func (*AKSServiceAccount) GetTags

func (m *AKSServiceAccount) GetTags() Tags

GetTags returns the tags of the AKSServiceAccount.

func (*AKSServiceAccount) SetBindInterface

func (m *AKSServiceAccount) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AKSServiceAccount.

func (*AKSServiceAccount) SetEgressFilter

func (m *AKSServiceAccount) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AKSServiceAccount.

func (*AKSServiceAccount) SetName

func (m *AKSServiceAccount) SetName(v string)

SetName sets the name of the AKSServiceAccount.

func (*AKSServiceAccount) SetSecretStoreID

func (m *AKSServiceAccount) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AKSServiceAccount.

func (*AKSServiceAccount) SetTags

func (m *AKSServiceAccount) SetTags(v Tags)

SetTags sets the tags of the AKSServiceAccount.

type AKSServiceAccountUserImpersonation

type AKSServiceAccountUserImpersonation struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The API token to authenticate with.
	Token string `json:"token"`
}

func (*AKSServiceAccountUserImpersonation) GetBindInterface

func (m *AKSServiceAccountUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) GetEgressFilter

func (m *AKSServiceAccountUserImpersonation) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) GetID

GetID returns the unique identifier of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) GetName

GetName returns the name of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) GetSecretStoreID

func (m *AKSServiceAccountUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) GetTags

GetTags returns the tags of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) SetBindInterface

func (m *AKSServiceAccountUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) SetEgressFilter

func (m *AKSServiceAccountUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) SetName

SetName sets the name of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) SetSecretStoreID

func (m *AKSServiceAccountUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AKSServiceAccountUserImpersonation.

func (*AKSServiceAccountUserImpersonation) SetTags

SetTags sets the tags of the AKSServiceAccountUserImpersonation.

type AKSUserImpersonation

type AKSUserImpersonation struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The certificate to authenticate TLS connections with.
	ClientCertificate string `json:"clientCertificate"`
	// The key to authenticate TLS connections with.
	ClientKey string `json:"clientKey"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AKSUserImpersonation) GetBindInterface

func (m *AKSUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the AKSUserImpersonation.

func (*AKSUserImpersonation) GetEgressFilter

func (m *AKSUserImpersonation) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AKSUserImpersonation.

func (*AKSUserImpersonation) GetID

func (m *AKSUserImpersonation) GetID() string

GetID returns the unique identifier of the AKSUserImpersonation.

func (*AKSUserImpersonation) GetName

func (m *AKSUserImpersonation) GetName() string

GetName returns the name of the AKSUserImpersonation.

func (*AKSUserImpersonation) GetSecretStoreID

func (m *AKSUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AKSUserImpersonation.

func (*AKSUserImpersonation) GetTags

func (m *AKSUserImpersonation) GetTags() Tags

GetTags returns the tags of the AKSUserImpersonation.

func (*AKSUserImpersonation) SetBindInterface

func (m *AKSUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AKSUserImpersonation.

func (*AKSUserImpersonation) SetEgressFilter

func (m *AKSUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AKSUserImpersonation.

func (*AKSUserImpersonation) SetName

func (m *AKSUserImpersonation) SetName(v string)

SetName sets the name of the AKSUserImpersonation.

func (*AKSUserImpersonation) SetSecretStoreID

func (m *AKSUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AKSUserImpersonation.

func (*AKSUserImpersonation) SetTags

func (m *AKSUserImpersonation) SetTags(v Tags)

SetTags sets the tags of the AKSUserImpersonation.

type AWS

type AWS struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The AWS region healthcheck requests should attempt to connect to.
	HealthcheckRegion string `json:"healthcheckRegion"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AWS) GetBindInterface

func (m *AWS) GetBindInterface() string

GetBindInterface returns the bind interface of the AWS.

func (*AWS) GetEgressFilter

func (m *AWS) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AWS.

func (*AWS) GetID

func (m *AWS) GetID() string

GetID returns the unique identifier of the AWS.

func (*AWS) GetName

func (m *AWS) GetName() string

GetName returns the name of the AWS.

func (*AWS) GetSecretStoreID

func (m *AWS) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AWS.

func (*AWS) GetTags

func (m *AWS) GetTags() Tags

GetTags returns the tags of the AWS.

func (*AWS) SetBindInterface

func (m *AWS) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AWS.

func (*AWS) SetEgressFilter

func (m *AWS) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AWS.

func (*AWS) SetName

func (m *AWS) SetName(v string)

SetName sets the name of the AWS.

func (*AWS) SetSecretStoreID

func (m *AWS) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AWS.

func (*AWS) SetTags

func (m *AWS) SetTags(v Tags)

SetTags sets the tags of the AWS.

type AWSCertX509Store

type AWSCertX509Store struct {
	// The ARN of the CA in AWS Private CA
	CaArn string `json:"caArn"`
	// The ARN of the AWS certificate template for requested certificates. Must allow SAN, key usage, and ext key usage passthrough from CSR
	CertificateTemplateArn string `json:"certificateTemplateArn"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA represented in minutes.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The AWS region to target e.g. us-east-1
	Region string `json:"region"`
	// The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. e.g. SHA256WITHRSA
	SigningAlgo string `json:"signingAlgo"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AWSCertX509Store) GetID

func (m *AWSCertX509Store) GetID() string

GetID returns the unique identifier of the AWSCertX509Store.

func (*AWSCertX509Store) GetName

func (m *AWSCertX509Store) GetName() string

GetName returns the name of the AWSCertX509Store.

func (*AWSCertX509Store) GetTags

func (m *AWSCertX509Store) GetTags() Tags

GetTags returns the tags of the AWSCertX509Store.

func (*AWSCertX509Store) SetName

func (m *AWSCertX509Store) SetName(v string)

SetName sets the name of the AWSCertX509Store.

func (*AWSCertX509Store) SetTags

func (m *AWSCertX509Store) SetTags(v Tags)

SetTags sets the tags of the AWSCertX509Store.

type AWSConsole

type AWSConsole struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// If true, prefer environment variables to authenticate connection even if EC2 roles are configured.
	EnableEnvVariables bool `json:"enableEnvVariables"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to.
	Region string `json:"region"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// The length of time in seconds AWS console sessions will live before needing to reauthenticate.
	SessionExpiry int32 `json:"sessionExpiry"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AWSConsole) GetBindInterface

func (m *AWSConsole) GetBindInterface() string

GetBindInterface returns the bind interface of the AWSConsole.

func (*AWSConsole) GetEgressFilter

func (m *AWSConsole) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AWSConsole.

func (*AWSConsole) GetID

func (m *AWSConsole) GetID() string

GetID returns the unique identifier of the AWSConsole.

func (*AWSConsole) GetName

func (m *AWSConsole) GetName() string

GetName returns the name of the AWSConsole.

func (*AWSConsole) GetSecretStoreID

func (m *AWSConsole) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AWSConsole.

func (*AWSConsole) GetTags

func (m *AWSConsole) GetTags() Tags

GetTags returns the tags of the AWSConsole.

func (*AWSConsole) SetBindInterface

func (m *AWSConsole) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AWSConsole.

func (*AWSConsole) SetEgressFilter

func (m *AWSConsole) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AWSConsole.

func (*AWSConsole) SetName

func (m *AWSConsole) SetName(v string)

SetName sets the name of the AWSConsole.

func (*AWSConsole) SetSecretStoreID

func (m *AWSConsole) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AWSConsole.

func (*AWSConsole) SetTags

func (m *AWSConsole) SetTags(v Tags)

SetTags sets the tags of the AWSConsole.

type AWSConsoleStaticKeyPair

type AWSConsoleStaticKeyPair struct {
	// The Access Key ID to authenticate with.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to.
	Region string `json:"region"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to authenticate with.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// The length of time in seconds AWS console sessions will live before needing to reauthenticate.
	SessionExpiry int32 `json:"sessionExpiry"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AWSConsoleStaticKeyPair) GetBindInterface

func (m *AWSConsoleStaticKeyPair) GetBindInterface() string

GetBindInterface returns the bind interface of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) GetEgressFilter

func (m *AWSConsoleStaticKeyPair) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) GetID

func (m *AWSConsoleStaticKeyPair) GetID() string

GetID returns the unique identifier of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) GetName

func (m *AWSConsoleStaticKeyPair) GetName() string

GetName returns the name of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) GetSecretStoreID

func (m *AWSConsoleStaticKeyPair) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) GetTags

func (m *AWSConsoleStaticKeyPair) GetTags() Tags

GetTags returns the tags of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) SetBindInterface

func (m *AWSConsoleStaticKeyPair) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) SetEgressFilter

func (m *AWSConsoleStaticKeyPair) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) SetName

func (m *AWSConsoleStaticKeyPair) SetName(v string)

SetName sets the name of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) SetSecretStoreID

func (m *AWSConsoleStaticKeyPair) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AWSConsoleStaticKeyPair.

func (*AWSConsoleStaticKeyPair) SetTags

func (m *AWSConsoleStaticKeyPair) SetTags(v Tags)

SetTags sets the tags of the AWSConsoleStaticKeyPair.

type AWSStore

type AWSStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The AWS region to target e.g. us-east-1
	Region string `json:"region"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AWSStore) GetID

func (m *AWSStore) GetID() string

GetID returns the unique identifier of the AWSStore.

func (*AWSStore) GetName

func (m *AWSStore) GetName() string

GetName returns the name of the AWSStore.

func (*AWSStore) GetTags

func (m *AWSStore) GetTags() Tags

GetTags returns the tags of the AWSStore.

func (*AWSStore) SetName

func (m *AWSStore) SetName(v string)

SetName sets the name of the AWSStore.

func (*AWSStore) SetTags

func (m *AWSStore) SetTags(v Tags)

SetTags sets the tags of the AWSStore.

type AccessRequest

type AccessRequest struct {
	// The account that initiated the request.
	AccountID string `json:"accountId"`
	// The account grant created, if it exists.
	GrantID string `json:"grantId"`
	// The access request id.
	ID string `json:"id"`
	// The reason the access was requested.
	Reason string `json:"reason"`
	// The resource id.
	ResourceID string `json:"resourceId"`
	// The timestamp when the requested access will be granted.
	// If this field is not specified it will default to the current time.
	StartFrom time.Time `json:"startFrom"`
	// The status of the access request.
	Status string `json:"status"`
	// The timestamp when the status changed.
	StatusAt time.Time `json:"statusAt"`
	// The timestamp when the requested access will expire.
	ValidUntil time.Time `json:"validUntil"`
	// The workflow the request bound to.
	WorkflowID string `json:"workflowId"`
}

AccessRequests are requests for access to a resource that may match a Workflow.

type AccessRequestConfig

type AccessRequestConfig struct {
	// The time access should end, defaults to the next occurance of 5 pm
	Duration string `json:"duration"`
	// The reason for access
	Reason string `json:"reason"`
	// The resource for which access is being requested
	ResourceID string `json:"resourceId"`
	// The time access should start, defaults to now
	StartFrom time.Time `json:"startFrom"`
}

AccessRequestConfig holds the information required to request access to a resource

type AccessRequestEvent

type AccessRequestEvent struct {
	// The account responsible for the event.
	ActorID string `json:"actorId"`
	// The access request event id.
	ID string `json:"id"`
	// The metadata about the event
	Metadata string `json:"metadata"`
	// The request that the event is bound to.
	RequestID string `json:"requestId"`
	// The type of event.
	Type string `json:"type"`
}

AccessRequestEvents hold information about events related to an access request such as creation, approval and denial.

type AccessRequestEventHistory

type AccessRequestEventHistory struct {
	// The complete AccessRequestEvent state at this time.
	AccessRequestEvent *AccessRequestEvent `json:"accessRequestEvent"`
	// The unique identifier of the Activity that produced this change to the AccessRequest.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Workflow was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the AccessRequest state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

AccessRequestEventHistory records the state of a AccessRequest at a given point in time, where every change (create, update and delete) to a AccessRequest produces an AccessRequestEventHistory record.

type AccessRequestEventHistoryIterator

type AccessRequestEventHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccessRequestEventHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccessRequestEventHistoryIterator provides read access to a list of AccessRequestEventHistory. Use it like so:

for iterator.Next() {
    accessRequestEventHistory := iterator.Value()
    // ...
}

type AccessRequestEventsHistory

type AccessRequestEventsHistory struct {
	// contains filtered or unexported fields
}

AccessRequestEventsHistory provides records of all changes to the state of an AccessRequest.

func (*AccessRequestEventsHistory) List

func (svc *AccessRequestEventsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccessRequestEventHistoryIterator,
	error)

List gets a list of AccessRequestEventHistory records matching a given set of criteria.

type AccessRequestHistory

type AccessRequestHistory struct {
	// The complete AccessRequest state at this time.
	AccessRequest *AccessRequest `json:"accessRequest"`
	// The unique identifier of the Activity that produced this change to the AccessRequest.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Workflow was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the AccessRequest state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

AccessRequestHistory records the state of a AccessRequest at a given point in time, where every change (create, update and delete) to a AccessRequest produces an AccessRequestHistory record.

type AccessRequestHistoryIterator

type AccessRequestHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccessRequestHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccessRequestHistoryIterator provides read access to a list of AccessRequestHistory. Use it like so:

for iterator.Next() {
    accessRequestHistory := iterator.Value()
    // ...
}

type AccessRequestIterator

type AccessRequestIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccessRequest
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccessRequestIterator provides read access to a list of AccessRequest. Use it like so:

for iterator.Next() {
    accessRequest := iterator.Value()
    // ...
}

type AccessRequestListRequest

type AccessRequestListRequest struct {
	// A human-readable filter query string.
	Filter string `json:"filter"`
}

AccessRequestListRequest specifies criteria for retrieving a list of AccessRequest records

type AccessRequestListResponse

type AccessRequestListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccessRequestListResponse returns a list of access requests records that meet the criteria of a AccessRequestListRequest.

type AccessRequests

type AccessRequests struct {
	// contains filtered or unexported fields
}

AccessRequests are requests for access to a resource that may match a Workflow.

func (*AccessRequests) List

func (svc *AccessRequests) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccessRequestIterator,
	error)

Lists existing access requests.

type AccessRequestsHistory

type AccessRequestsHistory struct {
	// contains filtered or unexported fields
}

AccessRequestsHistory provides records of all changes to the state of an AccessRequest.

func (*AccessRequestsHistory) List

func (svc *AccessRequestsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccessRequestHistoryIterator,
	error)

List gets a list of AccessRequestHistory records matching a given set of criteria.

type AccessRule

type AccessRule struct {

	// IDs is a list of Resource IDs granted by this AccessRule. If this field
	// is set, the rule is a static access rule. No other fields can be set on a
	// static access rule.
	IDs []string `json:"ids,omitempty"`

	// Type specifies a Resource type. You can set this field by itself to grant
	// access to all Resources of a certain type. You can also use it in
	// conjunction with the Tags field to further narrow down the scope of
	// Resources granted.
	//
	// See the following link for a list of possible values for this field:
	// https://www.strongdm.com/docs/automation/getting-started/filters#h-potentialresourcetypevalues
	Type string `json:"type,omitempty"`

	// Tags specifies a list of key/value pairs. You can set this field by
	// itself to grant access to all Resources which have all the given tags.
	// You can also use it in conjunction with the Type field to further narrow
	// down the scope of Resources granted.
	Tags Tags `json:"tags,omitempty"`
}

An AccessRule grants access to a set of Resources. There are two kinds of AccessRules:

- Dynamic: a rule which identifies Resources based on their type or tags - Static: a rule which contains an explicit list of Resource IDs

type AccessRules

type AccessRules []AccessRule

AccessRules define which Resources can be accessed by members of a Role.

func ParseAccessRulesJSON

func ParseAccessRulesJSON(data string) (AccessRules, error)

ParseAccessRulesJSON parses the given access rules JSON string.

type Account

type Account interface {
	// GetID returns the unique identifier of the Account.
	GetID() string
	// IsSuspended returns whether the Account is suspended.
	IsSuspended() bool
	// SetSuspended sets the suspended of the Account.
	SetSuspended(bool)
	// GetTags returns the tags of the Account.
	GetTags() Tags
	// SetTags sets the tags of the Account.
	SetTags(Tags)
	// contains filtered or unexported methods
}

Accounts are users that have access to strongDM. The types of accounts are: 1. **Users:** humans who are authenticated through username and password or SSO. 2. **Service Accounts:** machines that are authenticated using a service token. 3. **Tokens** are access keys with permissions that can be used for authentication.

type AccountAttachment

type AccountAttachment struct {
	// The id of the account of this AccountAttachment.
	AccountID string `json:"accountId"`
	// Unique identifier of the AccountAttachment.
	ID string `json:"id"`
	// The id of the attached role of this AccountAttachment.
	RoleID string `json:"roleId"`
}

AccountAttachments assign an account to a role.

type AccountAttachmentCreateResponse

type AccountAttachmentCreateResponse struct {
	// The created AccountAttachment.
	AccountAttachment *AccountAttachment `json:"accountAttachment"`
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountAttachmentCreateResponse reports how the AccountAttachments were created in the system.

type AccountAttachmentDeleteResponse

type AccountAttachmentDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountAttachmentDeleteResponse returns information about a AccountAttachment that was deleted.

type AccountAttachmentGetResponse

type AccountAttachmentGetResponse struct {
	// The requested AccountAttachment.
	AccountAttachment *AccountAttachment `json:"accountAttachment"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountAttachmentGetResponse returns a requested AccountAttachment.

type AccountAttachmentHistory

type AccountAttachmentHistory struct {
	// The complete AccountAttachment state at this time.
	AccountAttachment *AccountAttachment `json:"accountAttachment"`
	// The unique identifier of the Activity that produced this change to the AccountAttachment.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this AccountAttachment was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the AccountAttachment state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

AccountAttachmentHistory records the state of an AccountAttachment at a given point in time, where every change (create or delete) to an AccountAttachment produces an AccountAttachmentHistory record.

type AccountAttachmentHistoryIterator

type AccountAttachmentHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountAttachmentHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountAttachmentHistoryIterator provides read access to a list of AccountAttachmentHistory. Use it like so:

for iterator.Next() {
    accountAttachmentHistory := iterator.Value()
    // ...
}

type AccountAttachmentIterator

type AccountAttachmentIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountAttachment
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountAttachmentIterator provides read access to a list of AccountAttachment. Use it like so:

for iterator.Next() {
    accountAttachment := iterator.Value()
    // ...
}

type AccountAttachments

type AccountAttachments struct {
	// contains filtered or unexported fields
}

AccountAttachments assign an account to a role.

func (*AccountAttachments) Create

func (svc *AccountAttachments) Create(
	ctx context.Context,
	accountAttachment *AccountAttachment) (
	*AccountAttachmentCreateResponse,
	error)

Create registers a new AccountAttachment.

func (*AccountAttachments) Delete

Delete removes a AccountAttachment by ID.

func (*AccountAttachments) Get

Get reads one AccountAttachment by ID.

func (*AccountAttachments) List

func (svc *AccountAttachments) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountAttachmentIterator,
	error)

List gets a list of AccountAttachments matching a given set of criteria.

type AccountAttachmentsHistory

type AccountAttachmentsHistory struct {
	// contains filtered or unexported fields
}

AccountAttachmentsHistory records all changes to the state of an AccountAttachment.

func (*AccountAttachmentsHistory) List

func (svc *AccountAttachmentsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountAttachmentHistoryIterator,
	error)

List gets a list of AccountAttachmentHistory records matching a given set of criteria.

type AccountCreateResponse

type AccountCreateResponse struct {
	// ID part of the API key.
	AccessKey string `json:"accessKey"`
	// The created Account.
	Account Account `json:"account"`
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// Secret part of the API key.
	SecretKey string `json:"secretKey"`
	// The auth token generated for the Account. The Account will use this token to
	// authenticate with the strongDM API.
	Token string `json:"token"`
}

AccountCreateResponse reports how the Accounts were created in the system.

type AccountDeleteResponse

type AccountDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountDeleteResponse returns information about a Account that was deleted.

type AccountGetResponse

type AccountGetResponse struct {
	// The requested Account.
	Account Account `json:"account"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountGetResponse returns a requested Account.

type AccountGrant

type AccountGrant struct {
	// The account ID of this AccountGrant.
	AccountID string `json:"accountId"`
	// Unique identifier of the AccountGrant.
	ID string `json:"id"`
	// The resource ID of this AccountGrant.
	ResourceID string `json:"resourceId"`
	// The timestamp when the resource will be granted. When creating an AccountGrant, if this field is not specified, it will default to the current time.
	StartFrom time.Time `json:"startFrom"`
	// The timestamp when the resource grant will expire.
	ValidUntil time.Time `json:"validUntil"`
}

AccountGrants connect a resource directly to an account, giving the account the permission to connect to that resource.

type AccountGrantCreateResponse

type AccountGrantCreateResponse struct {
	// The created AccountGrant.
	AccountGrant *AccountGrant `json:"accountGrant"`
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountGrantCreateResponse reports how the AccountGrants were created in the system.

type AccountGrantDeleteResponse

type AccountGrantDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountGrantDeleteResponse returns information about a AccountGrant that was deleted.

type AccountGrantGetResponse

type AccountGrantGetResponse struct {
	// The requested AccountGrant.
	AccountGrant *AccountGrant `json:"accountGrant"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountGrantGetResponse returns a requested AccountGrant.

type AccountGrantHistory

type AccountGrantHistory struct {
	// The complete AccountGrant state at this time.
	AccountGrant *AccountGrant `json:"accountGrant"`
	// The unique identifier of the Activity that produced this change to the AccountGrant.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this AccountGrant was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the AccountGrant state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

AccountGrantHistory records the state of an AccountGrant at a given point in time, where every change (create or delete) to an AccountGrant produces an AccountGrantHistory record.

type AccountGrantHistoryIterator

type AccountGrantHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountGrantHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountGrantHistoryIterator provides read access to a list of AccountGrantHistory. Use it like so:

for iterator.Next() {
    accountGrantHistory := iterator.Value()
    // ...
}

type AccountGrantIterator

type AccountGrantIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountGrant
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountGrantIterator provides read access to a list of AccountGrant. Use it like so:

for iterator.Next() {
    accountGrant := iterator.Value()
    // ...
}

type AccountGrants

type AccountGrants struct {
	// contains filtered or unexported fields
}

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

func (*AccountGrants) Create

func (svc *AccountGrants) Create(
	ctx context.Context,
	accountGrant *AccountGrant) (
	*AccountGrantCreateResponse,
	error)

Create registers a new AccountGrant.

func (*AccountGrants) Delete

Delete removes a AccountGrant by ID.

func (*AccountGrants) Get

Get reads one AccountGrant by ID.

func (*AccountGrants) List

func (svc *AccountGrants) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountGrantIterator,
	error)

List gets a list of AccountGrants matching a given set of criteria.

type AccountGrantsHistory

type AccountGrantsHistory struct {
	// contains filtered or unexported fields
}

AccountGrantsHistory records all changes to the state of an AccountGrant.

func (*AccountGrantsHistory) List

func (svc *AccountGrantsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountGrantHistoryIterator,
	error)

List gets a list of AccountGrantHistory records matching a given set of criteria.

type AccountHistory

type AccountHistory struct {
	// The complete Account state at this time.
	Account Account `json:"account"`
	// The unique identifier of the Activity that produced this change to the Account.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Account was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the Account state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

AccountHistory records the state of an Account at a given point in time, where every change (create, update and delete) to an Account produces an AccountHistory record.

type AccountHistoryIterator

type AccountHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountHistoryIterator provides read access to a list of AccountHistory. Use it like so:

for iterator.Next() {
    accountHistory := iterator.Value()
    // ...
}

type AccountIterator

type AccountIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() Account
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountIterator provides read access to a list of Account. Use it like so:

for iterator.Next() {
    account := iterator.Value()
    // ...
}

type AccountPermission

type AccountPermission struct {
	// The unique identifier of the Account this permission belongs to.
	AccountID string `json:"accountId"`
	// The most recent time at which the permission was granted. If a permission was
	// granted, revoked, and granted again, this will reflect the later time.
	GrantedAt time.Time `json:"grantedAt"`
	// The value of this permission, split into vertical and action e.g.
	// 'secretstore:List', 'role:update'
	Permission string `json:"permission"`
	// The scope of this permission. A global scope means this action can be taken
	// on any entity; otherwise the action can only be taken on or in the scope of
	// the scoped id.
	Scope string `json:"scope"`
	// The ID to which or in whose context this operation is permitted. e.g. The ID of a
	// role that a team leader has the abillity to remove and add accounts to, or the
	// ID of a resource that a user has the permission to connect to. If Scope is global,
	// scoped id is not populated.
	ScopedID string `json:"scopedId"`
}

AccountPermission represents an individual API action available to an account.

type AccountPermissionIterator

type AccountPermissionIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountPermission
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountPermissionIterator provides read access to a list of AccountPermission. Use it like so:

for iterator.Next() {
    accountPermission := iterator.Value()
    // ...
}

type AccountPermissions

type AccountPermissions struct {
	// contains filtered or unexported fields
}

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

func (*AccountPermissions) List

func (svc *AccountPermissions) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountPermissionIterator,
	error)

List gets a list of Permission records matching a given set of criteria.

type AccountResource

type AccountResource struct {
	// The unique identifier of the AccountGrant through which the Account was granted access to the Resource.
	// If empty, access was not granted through an AccountGrant.
	AccountGrantID string `json:"accountGrantId"`
	// The unique identifier of the Account to which access is granted.
	AccountID string `json:"accountId"`
	// The time this grant was created, distinct from 'granted at' in the case where access is scheduled
	// for the future. If access was granted, revoked, and granted again, this will reflect the later creation time.
	CreatedAt time.Time `json:"createdAt"`
	// The time at which access will expire. If empty, this access has no expiration.
	ExpiresAt time.Time `json:"expiresAt"`
	// The most recent time at which access was granted. If access was granted,
	// revoked, and granted again, this will reflect the later time.
	GrantedAt time.Time `json:"grantedAt"`
	// The unique identifier of the Resource to which access is granted.
	ResourceID string `json:"resourceId"`
	// The unique identifier of the Role through which the Account was granted access to the Resource.
	// If empty, access was not granted through an AccountAttachment to a Role.
	RoleID string `json:"roleId"`
}

AccountResource represents an individual access grant of a Account to a Resource.

type AccountResourceHistory

type AccountResourceHistory struct {
	// The complete AccountResource state at this time.
	AccountResource *AccountResource `json:"accountResource"`
	// The unique identifier of the Activity that produced this change to the AccountResource.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this AccountResource was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the AccountResource state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

AccountResourceHistory records the state of a AccountResource at a given point in time, where every change (create or delete) to a AccountResource produces an AccountResourceHistory record.

type AccountResourceHistoryIterator

type AccountResourceHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountResourceHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountResourceHistoryIterator provides read access to a list of AccountResourceHistory. Use it like so:

for iterator.Next() {
    accountResourceHistory := iterator.Value()
    // ...
}

type AccountResourceIterator

type AccountResourceIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *AccountResource
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

AccountResourceIterator provides read access to a list of AccountResource. Use it like so:

for iterator.Next() {
    accountResource := iterator.Value()
    // ...
}

type AccountResources

type AccountResources struct {
	// contains filtered or unexported fields
}

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

func (*AccountResources) List

func (svc *AccountResources) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountResourceIterator,
	error)

List gets a list of AccountResource records matching a given set of criteria.

type AccountResourcesHistory

type AccountResourcesHistory struct {
	// contains filtered or unexported fields
}

AccountResourcesHistory records all changes to the state of a AccountResource.

func (*AccountResourcesHistory) List

func (svc *AccountResourcesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountResourceHistoryIterator,
	error)

List gets a list of AccountResourceHistory records matching a given set of criteria.

type AccountUpdateResponse

type AccountUpdateResponse struct {
	// The updated Account.
	Account Account `json:"account"`
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

AccountUpdateResponse returns the fields of a Account after it has been updated by a AccountUpdateRequest.

type Accounts

type Accounts struct {
	// contains filtered or unexported fields
}

Accounts are users that have access to strongDM. There are two types of accounts: 1. **Users:** humans who are authenticated through username and password or SSO. 2. **Service Accounts:** machines that are authenticated using a service token. 3. **Tokens** are access keys with permissions that can be used for authentication.

func (*Accounts) Create

func (svc *Accounts) Create(
	ctx context.Context,
	account Account) (
	*AccountCreateResponse,
	error)

Create registers a new Account.

func (*Accounts) Delete

func (svc *Accounts) Delete(
	ctx context.Context,
	id string) (
	*AccountDeleteResponse,
	error)

Delete removes an Account by ID.

func (*Accounts) Get

func (svc *Accounts) Get(
	ctx context.Context,
	id string) (
	*AccountGetResponse,
	error)

Get reads one Account by ID.

func (*Accounts) List

func (svc *Accounts) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountIterator,
	error)

List gets a list of Accounts matching a given set of criteria.

func (*Accounts) Update

func (svc *Accounts) Update(
	ctx context.Context,
	account Account) (
	*AccountUpdateResponse,
	error)

Update replaces all the fields of an Account by ID.

type AccountsHistory

type AccountsHistory struct {
	// contains filtered or unexported fields
}

AccountsHistory records all changes to the state of an Account.

func (*AccountsHistory) List

func (svc *AccountsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	AccountHistoryIterator,
	error)

List gets a list of AccountHistory records matching a given set of criteria.

type ActiveDirectoryStore

type ActiveDirectoryStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// Hostname of server that is hosting NDES (Network Device Enrollment Services).
	// Often this is the same host as Active Directory Certificate Services
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*ActiveDirectoryStore) GetID

func (m *ActiveDirectoryStore) GetID() string

GetID returns the unique identifier of the ActiveDirectoryStore.

func (*ActiveDirectoryStore) GetName

func (m *ActiveDirectoryStore) GetName() string

GetName returns the name of the ActiveDirectoryStore.

func (*ActiveDirectoryStore) GetTags

func (m *ActiveDirectoryStore) GetTags() Tags

GetTags returns the tags of the ActiveDirectoryStore.

func (*ActiveDirectoryStore) SetName

func (m *ActiveDirectoryStore) SetName(v string)

SetName sets the name of the ActiveDirectoryStore.

func (*ActiveDirectoryStore) SetTags

func (m *ActiveDirectoryStore) SetTags(v Tags)

SetTags sets the tags of the ActiveDirectoryStore.

type Activities

type Activities struct {
	// contains filtered or unexported fields
}

An Activity is a record of an action taken against a strongDM deployment, e.g. a user creation, resource deletion, sso configuration change, etc. The Activities service is read-only.

func (*Activities) Get

func (svc *Activities) Get(
	ctx context.Context,
	id string) (
	*ActivityGetResponse,
	error)

Get reads one Activity by ID.

func (*Activities) List

func (svc *Activities) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ActivityIterator,
	error)

List gets a list of Activities matching a given set of criteria. The 'before' and 'after' filters can be used to control the time range of the output activities. If not provided, one week of back of activities will be returned.

type Activity

type Activity struct {
	// The account who executed this activity. If the actor later has a name or email change,
	// that change is not reflected here. Actor is a snapshot of the executing account at
	// the time an activity took place.
	Actor *ActivityActor `json:"actor"`
	// The time this activity took effect.
	CompletedAt time.Time `json:"completedAt"`
	// A humanized description of the activity.
	Description string `json:"description"`
	// The entities involved in this activity. These entities can be any first class
	// entity in the strongDM system, eg. a user, a role, a node, an account grant. Not
	// every activity affects explicit entities.
	Entities []*ActivityEntity `json:"entities"`
	// Unique identifier of the Activity.
	ID string `json:"id"`
	// The IP from which this action was taken.
	IPAddress string `json:"ipAddress"`
	// The User Agent present when this request was executed. Generally a client type and version
	// like strongdm-cli/55.66.77
	UserAgent string `json:"userAgent"`
	// The kind of activity which has taken place.
	Verb string `json:"verb"`
}

An Activity is a record of an action taken against a strongDM deployment, e.g. a user creation, resource deletion, sso configuration change, etc.

type ActivityActor

type ActivityActor struct {
	// The external ID of the actor at the time this activity occurred.
	ActivityExternalID string `json:"activityExternalId"`
	// The email of the actor at the time this activity occurred.
	Email string `json:"email"`
	// The first name of the actor at the time this activity occurred.
	FirstName string `json:"firstName"`
	// Unique identifier of the actor. Immutable.
	ID string `json:"id"`
	// The last name of the actor at the time this activity occurred.
	LastName string `json:"lastName"`
}

type ActivityEntity

type ActivityEntity struct {
	// The email of the affected entity, if it has one (for example, if it is an account).
	Email string `json:"email"`
	// The external ID of the affected entity, if it has one (for example, if it is an account).
	ExternalID string `json:"externalId"`
	// The unique identifier of the entity this activity affected.
	ID string `json:"id"`
	// A display name representing the affected entity.
	Name string `json:"name"`
	// The type of entity affected, one of the Activity Entities constants.
	Type string `json:"type"`
}

type ActivityGetResponse

type ActivityGetResponse struct {
	// The requested Activity.
	Activity *Activity `json:"activity"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ActivityGetResponse returns a requested Activity.

type ActivityIterator

type ActivityIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *Activity
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ActivityIterator provides read access to a list of Activity. Use it like so:

for iterator.Next() {
    activity := iterator.Value()
    // ...
}

type AlreadyExistsError

type AlreadyExistsError struct {
	// Message is the error content.
	Message string
}

AlreadyExistsError is used when an entity already exists in the system

func (AlreadyExistsError) Code

func (e AlreadyExistsError) Code() int

func (AlreadyExistsError) Error

func (e AlreadyExistsError) Error() string

type AmazonEKS

type AmazonEKS struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The name of the cluster to connect to.
	ClusterName string `json:"clusterName"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to e.g. us-east-1.
	Region string `json:"region"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AmazonEKS) GetBindInterface

func (m *AmazonEKS) GetBindInterface() string

GetBindInterface returns the bind interface of the AmazonEKS.

func (*AmazonEKS) GetEgressFilter

func (m *AmazonEKS) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AmazonEKS.

func (*AmazonEKS) GetID

func (m *AmazonEKS) GetID() string

GetID returns the unique identifier of the AmazonEKS.

func (*AmazonEKS) GetName

func (m *AmazonEKS) GetName() string

GetName returns the name of the AmazonEKS.

func (*AmazonEKS) GetSecretStoreID

func (m *AmazonEKS) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AmazonEKS.

func (*AmazonEKS) GetTags

func (m *AmazonEKS) GetTags() Tags

GetTags returns the tags of the AmazonEKS.

func (*AmazonEKS) SetBindInterface

func (m *AmazonEKS) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AmazonEKS.

func (*AmazonEKS) SetEgressFilter

func (m *AmazonEKS) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AmazonEKS.

func (*AmazonEKS) SetName

func (m *AmazonEKS) SetName(v string)

SetName sets the name of the AmazonEKS.

func (*AmazonEKS) SetSecretStoreID

func (m *AmazonEKS) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AmazonEKS.

func (*AmazonEKS) SetTags

func (m *AmazonEKS) SetTags(v Tags)

SetTags sets the tags of the AmazonEKS.

type AmazonEKSInstanceProfile

type AmazonEKSInstanceProfile struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The name of the cluster to connect to.
	ClusterName string `json:"clusterName"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to e.g. us-east-1.
	Region string `json:"region"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AmazonEKSInstanceProfile) GetBindInterface

func (m *AmazonEKSInstanceProfile) GetBindInterface() string

GetBindInterface returns the bind interface of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) GetEgressFilter

func (m *AmazonEKSInstanceProfile) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) GetID

func (m *AmazonEKSInstanceProfile) GetID() string

GetID returns the unique identifier of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) GetName

func (m *AmazonEKSInstanceProfile) GetName() string

GetName returns the name of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) GetSecretStoreID

func (m *AmazonEKSInstanceProfile) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) GetTags

func (m *AmazonEKSInstanceProfile) GetTags() Tags

GetTags returns the tags of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) SetBindInterface

func (m *AmazonEKSInstanceProfile) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) SetEgressFilter

func (m *AmazonEKSInstanceProfile) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) SetName

func (m *AmazonEKSInstanceProfile) SetName(v string)

SetName sets the name of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) SetSecretStoreID

func (m *AmazonEKSInstanceProfile) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AmazonEKSInstanceProfile.

func (*AmazonEKSInstanceProfile) SetTags

func (m *AmazonEKSInstanceProfile) SetTags(v Tags)

SetTags sets the tags of the AmazonEKSInstanceProfile.

type AmazonEKSInstanceProfileUserImpersonation

type AmazonEKSInstanceProfileUserImpersonation struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The name of the cluster to connect to.
	ClusterName string `json:"clusterName"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to e.g. us-east-1.
	Region string `json:"region"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AmazonEKSInstanceProfileUserImpersonation) GetBindInterface

func (m *AmazonEKSInstanceProfileUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) GetEgressFilter

GetEgressFilter returns the egress filter of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) GetID

GetID returns the unique identifier of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) GetName

GetName returns the name of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) GetSecretStoreID

func (m *AmazonEKSInstanceProfileUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) GetTags

GetTags returns the tags of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) SetBindInterface

func (m *AmazonEKSInstanceProfileUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) SetEgressFilter

func (m *AmazonEKSInstanceProfileUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) SetName

SetName sets the name of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) SetSecretStoreID

func (m *AmazonEKSInstanceProfileUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AmazonEKSInstanceProfileUserImpersonation.

func (*AmazonEKSInstanceProfileUserImpersonation) SetTags

SetTags sets the tags of the AmazonEKSInstanceProfileUserImpersonation.

type AmazonEKSUserImpersonation

type AmazonEKSUserImpersonation struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The name of the cluster to connect to.
	ClusterName string `json:"clusterName"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to e.g. us-east-1.
	Region string `json:"region"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AmazonEKSUserImpersonation) GetBindInterface

func (m *AmazonEKSUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) GetEgressFilter

func (m *AmazonEKSUserImpersonation) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) GetID

GetID returns the unique identifier of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) GetName

func (m *AmazonEKSUserImpersonation) GetName() string

GetName returns the name of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) GetSecretStoreID

func (m *AmazonEKSUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) GetTags

func (m *AmazonEKSUserImpersonation) GetTags() Tags

GetTags returns the tags of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) SetBindInterface

func (m *AmazonEKSUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) SetEgressFilter

func (m *AmazonEKSUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) SetName

func (m *AmazonEKSUserImpersonation) SetName(v string)

SetName sets the name of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) SetSecretStoreID

func (m *AmazonEKSUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AmazonEKSUserImpersonation.

func (*AmazonEKSUserImpersonation) SetTags

func (m *AmazonEKSUserImpersonation) SetTags(v Tags)

SetTags sets the tags of the AmazonEKSUserImpersonation.

type AmazonES

type AmazonES struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial e.g. search-?.region.es.amazonaws.com"
	Endpoint string `json:"endpoint"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to e.g. us-east-1.
	Region string `json:"region"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*AmazonES) GetBindInterface

func (m *AmazonES) GetBindInterface() string

GetBindInterface returns the bind interface of the AmazonES.

func (*AmazonES) GetEgressFilter

func (m *AmazonES) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AmazonES.

func (*AmazonES) GetID

func (m *AmazonES) GetID() string

GetID returns the unique identifier of the AmazonES.

func (*AmazonES) GetName

func (m *AmazonES) GetName() string

GetName returns the name of the AmazonES.

func (*AmazonES) GetSecretStoreID

func (m *AmazonES) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AmazonES.

func (*AmazonES) GetTags

func (m *AmazonES) GetTags() Tags

GetTags returns the tags of the AmazonES.

func (*AmazonES) SetBindInterface

func (m *AmazonES) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AmazonES.

func (*AmazonES) SetEgressFilter

func (m *AmazonES) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AmazonES.

func (*AmazonES) SetName

func (m *AmazonES) SetName(v string)

SetName sets the name of the AmazonES.

func (*AmazonES) SetSecretStoreID

func (m *AmazonES) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AmazonES.

func (*AmazonES) SetTags

func (m *AmazonES) SetTags(v Tags)

SetTags sets the tags of the AmazonES.

type AmazonMQAMQP091

type AmazonMQAMQP091 struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AmazonMQAMQP091) GetBindInterface

func (m *AmazonMQAMQP091) GetBindInterface() string

GetBindInterface returns the bind interface of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) GetEgressFilter

func (m *AmazonMQAMQP091) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) GetID

func (m *AmazonMQAMQP091) GetID() string

GetID returns the unique identifier of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) GetName

func (m *AmazonMQAMQP091) GetName() string

GetName returns the name of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) GetSecretStoreID

func (m *AmazonMQAMQP091) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) GetTags

func (m *AmazonMQAMQP091) GetTags() Tags

GetTags returns the tags of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) SetBindInterface

func (m *AmazonMQAMQP091) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) SetEgressFilter

func (m *AmazonMQAMQP091) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) SetName

func (m *AmazonMQAMQP091) SetName(v string)

SetName sets the name of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) SetSecretStoreID

func (m *AmazonMQAMQP091) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AmazonMQAMQP091.

func (*AmazonMQAMQP091) SetTags

func (m *AmazonMQAMQP091) SetTags(v Tags)

SetTags sets the tags of the AmazonMQAMQP091.

type ApprovalWorkflow

type ApprovalWorkflow struct {
	// Approval mode of the ApprovalWorkflow
	ApprovalMode string `json:"approvalMode"`
	// Optional description of the ApprovalWorkflow.
	Description string `json:"description"`
	// Unique identifier of the ApprovalWorkflow.
	ID string `json:"id"`
	// Unique human-readable name of the ApprovalWorkflow.
	Name string `json:"name"`
}

ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

type ApprovalWorkflowApprover

type ApprovalWorkflowApprover struct {
	// The approver account id.
	AccountID string `json:"accountId"`
	// The approval flow id specified the approval workflow that this approver belongs to
	ApprovalFlowID string `json:"approvalFlowId"`
	// The approval step id specified the approval flow step that this approver belongs to
	ApprovalStepID string `json:"approvalStepId"`
	// Unique identifier of the ApprovalWorkflowApprover.
	ID string `json:"id"`
	// The approver role id
	RoleID string `json:"roleId"`
}

ApprovalWorkflowApprover links an approval workflow approver to an ApprovalWorkflowStep

type ApprovalWorkflowApproverCreateResponse

type ApprovalWorkflowApproverCreateResponse struct {
	// The created approval workflow approver.
	ApprovalWorkflowApprover *ApprovalWorkflowApprover `json:"approvalWorkflowApprover"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowApproverCreateResponse reports how the ApprovalWorkflowApprover was created in the system.

type ApprovalWorkflowApproverDeleteResponse

type ApprovalWorkflowApproverDeleteResponse struct {
	// The deleted approval workflow approver id.
	ID string `json:"id"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowApproverDeleteResponse returns information about an ApprovalWorkflowApprover that was deleted.

type ApprovalWorkflowApproverGetResponse

type ApprovalWorkflowApproverGetResponse struct {
	// The requested ApprovalWorkflowApprover.
	ApprovalWorkflowApprover *ApprovalWorkflowApprover `json:"approvalWorkflowApprover"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowApproverGetResponse returns a requested ApprovalWorkflowApprover.

type ApprovalWorkflowApproverHistory

type ApprovalWorkflowApproverHistory struct {
	// The unique identifier of the Activity that produced this change to the ApprovalWorkflowApprover.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// The complete ApprovalWorkflowApprover state at this time.
	ApprovalWorkflowApprover *ApprovalWorkflowApprover `json:"approvalWorkflowApprover"`
	// If this ApprovalWorkflowApprover was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the ApprovalWorkflowApprover state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

ApprovalWorkflowApproverHistory records the state of an ApprovalWorkflowApprover at a given point in time, where every change (create or delete) to an ApprovalWorkflowApprover produces an ApprovalWorkflowApproverHistory record.

type ApprovalWorkflowApproverHistoryIterator

type ApprovalWorkflowApproverHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ApprovalWorkflowApproverHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ApprovalWorkflowApproverHistoryIterator provides read access to a list of ApprovalWorkflowApproverHistory. Use it like so:

for iterator.Next() {
    approvalWorkflowApproverHistory := iterator.Value()
    // ...
}

type ApprovalWorkflowApproverIterator

type ApprovalWorkflowApproverIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ApprovalWorkflowApprover
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ApprovalWorkflowApproverIterator provides read access to a list of ApprovalWorkflowApprover. Use it like so:

for iterator.Next() {
    approvalWorkflowApprover := iterator.Value()
    // ...
}

type ApprovalWorkflowApproverListResponse

type ApprovalWorkflowApproverListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowApproverListResponse returns a list of ApprovalWorkflowApprover records that meet the criteria of an ApprovalWorkflowApproverListRequest.

type ApprovalWorkflowApprovers

type ApprovalWorkflowApprovers struct {
	// contains filtered or unexported fields
}

ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

func (*ApprovalWorkflowApprovers) Create

Create creates a new approval workflow approver.

func (*ApprovalWorkflowApprovers) Delete

Delete deletes an existing approval workflow approver.

func (*ApprovalWorkflowApprovers) Get

Get reads one approval workflow approver by ID.

func (*ApprovalWorkflowApprovers) List

func (svc *ApprovalWorkflowApprovers) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ApprovalWorkflowApproverIterator,
	error)

Lists existing approval workflow approvers.

type ApprovalWorkflowApproversHistory

type ApprovalWorkflowApproversHistory struct {
	// contains filtered or unexported fields
}

ApprovalWorkflowApproversHistory records all changes to the state of an ApprovalWorkflowApprover.

func (*ApprovalWorkflowApproversHistory) List

List gets a list of ApprovalWorkflowApproverHistory records matching a given set of criteria.

type ApprovalWorkflowCreateResponse

type ApprovalWorkflowCreateResponse struct {
	// The created approval workflow.
	ApprovalWorkflow *ApprovalWorkflow `json:"approvalWorkflow"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowCreateResponse reports how the ApprovalWorkflow was created in the system.

type ApprovalWorkflowDeleteResponse

type ApprovalWorkflowDeleteResponse struct {
	// The deleted approval workflow id.
	ID string `json:"id"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowDeleteResponse returns information about an ApprovalWorkflow that was deleted.

type ApprovalWorkflowGetResponse

type ApprovalWorkflowGetResponse struct {
	// The requested ApprovalWorkflow.
	ApprovalWorkflow *ApprovalWorkflow `json:"approvalWorkflow"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowGetResponse returns a requested ApprovalWorkflow.

type ApprovalWorkflowHistory

type ApprovalWorkflowHistory struct {
	// The unique identifier of the Activity that produced this change to the ApprovalWorkflow.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// The complete ApprovalWorkflow state at this time.
	ApprovalWorkflow *ApprovalWorkflow `json:"approvalWorkflow"`
	// If this ApprovalWorkflow was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the ApprovalWorkflow state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

ApprovalWorkflowHistory records the state of an ApprovalWorkflow at a given point in time, where every change (create, update and delete) to an ApprovalWorkflow produces an ApprovalWorkflowHistory record.

type ApprovalWorkflowHistoryIterator

type ApprovalWorkflowHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ApprovalWorkflowHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ApprovalWorkflowHistoryIterator provides read access to a list of ApprovalWorkflowHistory. Use it like so:

for iterator.Next() {
    approvalWorkflowHistory := iterator.Value()
    // ...
}

type ApprovalWorkflowIterator

type ApprovalWorkflowIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ApprovalWorkflow
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ApprovalWorkflowIterator provides read access to a list of ApprovalWorkflow. Use it like so:

for iterator.Next() {
    approvalWorkflow := iterator.Value()
    // ...
}

type ApprovalWorkflowListResponse

type ApprovalWorkflowListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowListResponse returns a list of ApprovalWorkflow records that meet the criteria of an ApprovalWorkflowListRequest.

type ApprovalWorkflowStep

type ApprovalWorkflowStep struct {
	// The approval flow id specified the approval workfflow that this step belongs to
	ApprovalFlowID string `json:"approvalFlowId"`
	// Unique identifier of the ApprovalWorkflowStep.
	ID string `json:"id"`
}

ApprovalWorkflowStep links an approval workflow step to an ApprovalWorkflow

type ApprovalWorkflowStepCreateResponse

type ApprovalWorkflowStepCreateResponse struct {
	// The created approval workflow step.
	ApprovalWorkflowStep *ApprovalWorkflowStep `json:"approvalWorkflowStep"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowStepCreateResponse reports how the ApprovalWorkflowStep was created in the system.

type ApprovalWorkflowStepDeleteResponse

type ApprovalWorkflowStepDeleteResponse struct {
	// The deleted approval workflow step id.
	ID string `json:"id"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowStepDeleteResponse returns information about an ApprovalWorkflowStep that was deleted.

type ApprovalWorkflowStepGetResponse

type ApprovalWorkflowStepGetResponse struct {
	// The requested ApprovalWorkflowStep.
	ApprovalWorkflowStep *ApprovalWorkflowStep `json:"approvalWorkflowStep"`
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowStepGetResponse returns a requested ApprovalWorkflowStep.

type ApprovalWorkflowStepHistory

type ApprovalWorkflowStepHistory struct {
	// The unique identifier of the Activity that produced this change to the ApprovalWorkflowStep.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// The complete ApprovalWorkflowStep state at this time.
	ApprovalWorkflowStep *ApprovalWorkflowStep `json:"approvalWorkflowStep"`
	// If this ApprovalWorkflowStep was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the ApprovalWorkflowStep state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

ApprovalWorkflowStepHistory records the state of an ApprovalWorkflowStep at a given point in time, where every change (create or delete) to an ApprovalWorkflowStep produces an ApprovalWorkflowStepHistory record.

type ApprovalWorkflowStepHistoryIterator

type ApprovalWorkflowStepHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ApprovalWorkflowStepHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ApprovalWorkflowStepHistoryIterator provides read access to a list of ApprovalWorkflowStepHistory. Use it like so:

for iterator.Next() {
    approvalWorkflowStepHistory := iterator.Value()
    // ...
}

type ApprovalWorkflowStepIterator

type ApprovalWorkflowStepIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ApprovalWorkflowStep
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ApprovalWorkflowStepIterator provides read access to a list of ApprovalWorkflowStep. Use it like so:

for iterator.Next() {
    approvalWorkflowStep := iterator.Value()
    // ...
}

type ApprovalWorkflowStepListResponse

type ApprovalWorkflowStepListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowStepListResponse returns a list of ApprovalWorkflowStep records that meet the criteria of an ApprovalWorkflowStepListRequest.

type ApprovalWorkflowSteps

type ApprovalWorkflowSteps struct {
	// contains filtered or unexported fields
}

ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

func (*ApprovalWorkflowSteps) Create

Create creates a new approval workflow step.

func (*ApprovalWorkflowSteps) Delete

Delete deletes an existing approval workflow step.

func (*ApprovalWorkflowSteps) Get

Get reads one approval workflow step by ID.

func (*ApprovalWorkflowSteps) List

func (svc *ApprovalWorkflowSteps) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ApprovalWorkflowStepIterator,
	error)

Lists existing approval workflow steps.

type ApprovalWorkflowStepsHistory

type ApprovalWorkflowStepsHistory struct {
	// contains filtered or unexported fields
}

ApprovalWorkflowStepsHistory records all changes to the state of an ApprovalWorkflowStep.

func (*ApprovalWorkflowStepsHistory) List

func (svc *ApprovalWorkflowStepsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ApprovalWorkflowStepHistoryIterator,
	error)

List gets a list of ApprovalWorkflowStepHistory records matching a given set of criteria.

type ApprovalWorkflowUpdateResponse

type ApprovalWorkflowUpdateResponse struct {
	// The updated approval workflow.
	ApprovalWorkflow *ApprovalWorkflow `json:"approvalWorkflow"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ApprovalWorkflowUpdateResponse returns the fields of an ApprovalWorkflow after it has been updated by an ApprovalWorkflowUpdateRequest.

type ApprovalWorkflows

type ApprovalWorkflows struct {
	// contains filtered or unexported fields
}

ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

func (*ApprovalWorkflows) Create

func (svc *ApprovalWorkflows) Create(
	ctx context.Context,
	approvalWorkflow *ApprovalWorkflow) (
	*ApprovalWorkflowCreateResponse,
	error)

Create creates a new approval workflow and requires a name and approval mode for the approval workflow.

func (*ApprovalWorkflows) Delete

Delete deletes an existing approval workflow.

func (*ApprovalWorkflows) Get

Get reads one approval workflow by ID.

func (*ApprovalWorkflows) List

func (svc *ApprovalWorkflows) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ApprovalWorkflowIterator,
	error)

Lists existing approval workflows.

func (*ApprovalWorkflows) Update

func (svc *ApprovalWorkflows) Update(
	ctx context.Context,
	approvalWorkflow *ApprovalWorkflow) (
	*ApprovalWorkflowUpdateResponse,
	error)

Update updates an existing approval workflow.

type ApprovalWorkflowsHistory

type ApprovalWorkflowsHistory struct {
	// contains filtered or unexported fields
}

ApprovalWorkflowsHistory records all changes to the state of an ApprovalWorkflow.

func (*ApprovalWorkflowsHistory) List

func (svc *ApprovalWorkflowsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ApprovalWorkflowHistoryIterator,
	error)

List gets a list of ApprovalWorkflowHistory records matching a given set of criteria.

type Athena

type Athena struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The AWS S3 output location.
	Output string `json:"output"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to e.g. us-east-1.
	Region string `json:"region"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*Athena) GetBindInterface

func (m *Athena) GetBindInterface() string

GetBindInterface returns the bind interface of the Athena.

func (*Athena) GetEgressFilter

func (m *Athena) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Athena.

func (*Athena) GetID

func (m *Athena) GetID() string

GetID returns the unique identifier of the Athena.

func (*Athena) GetName

func (m *Athena) GetName() string

GetName returns the name of the Athena.

func (*Athena) GetSecretStoreID

func (m *Athena) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Athena.

func (*Athena) GetTags

func (m *Athena) GetTags() Tags

GetTags returns the tags of the Athena.

func (*Athena) SetBindInterface

func (m *Athena) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Athena.

func (*Athena) SetEgressFilter

func (m *Athena) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Athena.

func (*Athena) SetName

func (m *Athena) SetName(v string)

SetName sets the name of the Athena.

func (*Athena) SetSecretStoreID

func (m *Athena) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Athena.

func (*Athena) SetTags

func (m *Athena) SetTags(v Tags)

SetTags sets the tags of the Athena.

type AuroraMysql

type AuroraMysql struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AuroraMysql) GetBindInterface

func (m *AuroraMysql) GetBindInterface() string

GetBindInterface returns the bind interface of the AuroraMysql.

func (*AuroraMysql) GetEgressFilter

func (m *AuroraMysql) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AuroraMysql.

func (*AuroraMysql) GetID

func (m *AuroraMysql) GetID() string

GetID returns the unique identifier of the AuroraMysql.

func (*AuroraMysql) GetName

func (m *AuroraMysql) GetName() string

GetName returns the name of the AuroraMysql.

func (*AuroraMysql) GetSecretStoreID

func (m *AuroraMysql) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AuroraMysql.

func (*AuroraMysql) GetTags

func (m *AuroraMysql) GetTags() Tags

GetTags returns the tags of the AuroraMysql.

func (*AuroraMysql) SetBindInterface

func (m *AuroraMysql) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AuroraMysql.

func (*AuroraMysql) SetEgressFilter

func (m *AuroraMysql) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AuroraMysql.

func (*AuroraMysql) SetName

func (m *AuroraMysql) SetName(v string)

SetName sets the name of the AuroraMysql.

func (*AuroraMysql) SetSecretStoreID

func (m *AuroraMysql) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AuroraMysql.

func (*AuroraMysql) SetTags

func (m *AuroraMysql) SetTags(v Tags)

SetTags sets the tags of the AuroraMysql.

type AuroraPostgres

type AuroraPostgres struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AuroraPostgres) GetBindInterface

func (m *AuroraPostgres) GetBindInterface() string

GetBindInterface returns the bind interface of the AuroraPostgres.

func (*AuroraPostgres) GetEgressFilter

func (m *AuroraPostgres) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AuroraPostgres.

func (*AuroraPostgres) GetID

func (m *AuroraPostgres) GetID() string

GetID returns the unique identifier of the AuroraPostgres.

func (*AuroraPostgres) GetName

func (m *AuroraPostgres) GetName() string

GetName returns the name of the AuroraPostgres.

func (*AuroraPostgres) GetSecretStoreID

func (m *AuroraPostgres) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AuroraPostgres.

func (*AuroraPostgres) GetTags

func (m *AuroraPostgres) GetTags() Tags

GetTags returns the tags of the AuroraPostgres.

func (*AuroraPostgres) SetBindInterface

func (m *AuroraPostgres) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AuroraPostgres.

func (*AuroraPostgres) SetEgressFilter

func (m *AuroraPostgres) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AuroraPostgres.

func (*AuroraPostgres) SetName

func (m *AuroraPostgres) SetName(v string)

SetName sets the name of the AuroraPostgres.

func (*AuroraPostgres) SetSecretStoreID

func (m *AuroraPostgres) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AuroraPostgres.

func (*AuroraPostgres) SetTags

func (m *AuroraPostgres) SetTags(v Tags)

SetTags sets the tags of the AuroraPostgres.

type AuroraPostgresIAM

type AuroraPostgresIAM struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to.
	Region string `json:"region"`
	// If provided, the gateway/relay will try to assume this role instead of the underlying compute's role.
	RoleAssumptionArn string `json:"roleAssumptionArn"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AuroraPostgresIAM) GetBindInterface

func (m *AuroraPostgresIAM) GetBindInterface() string

GetBindInterface returns the bind interface of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) GetEgressFilter

func (m *AuroraPostgresIAM) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) GetID

func (m *AuroraPostgresIAM) GetID() string

GetID returns the unique identifier of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) GetName

func (m *AuroraPostgresIAM) GetName() string

GetName returns the name of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) GetSecretStoreID

func (m *AuroraPostgresIAM) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) GetTags

func (m *AuroraPostgresIAM) GetTags() Tags

GetTags returns the tags of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) SetBindInterface

func (m *AuroraPostgresIAM) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) SetEgressFilter

func (m *AuroraPostgresIAM) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) SetName

func (m *AuroraPostgresIAM) SetName(v string)

SetName sets the name of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) SetSecretStoreID

func (m *AuroraPostgresIAM) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AuroraPostgresIAM.

func (*AuroraPostgresIAM) SetTags

func (m *AuroraPostgresIAM) SetTags(v Tags)

SetTags sets the tags of the AuroraPostgresIAM.

type AuthenticationError

type AuthenticationError struct {
	// Message is the error content.
	Message string
}

AuthenticationError is used to specify an authentication failure condition

func (AuthenticationError) Code

func (e AuthenticationError) Code() int

func (AuthenticationError) Error

func (e AuthenticationError) Error() string

type Azure

type Azure struct {
	// The application ID to authenticate with.
	AppID string `json:"appId"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The tenant ID to authenticate to.
	TenantID string `json:"tenantId"`
}

func (*Azure) GetBindInterface

func (m *Azure) GetBindInterface() string

GetBindInterface returns the bind interface of the Azure.

func (*Azure) GetEgressFilter

func (m *Azure) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Azure.

func (*Azure) GetID

func (m *Azure) GetID() string

GetID returns the unique identifier of the Azure.

func (*Azure) GetName

func (m *Azure) GetName() string

GetName returns the name of the Azure.

func (*Azure) GetSecretStoreID

func (m *Azure) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Azure.

func (*Azure) GetTags

func (m *Azure) GetTags() Tags

GetTags returns the tags of the Azure.

func (*Azure) SetBindInterface

func (m *Azure) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Azure.

func (*Azure) SetEgressFilter

func (m *Azure) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Azure.

func (*Azure) SetName

func (m *Azure) SetName(v string)

SetName sets the name of the Azure.

func (*Azure) SetSecretStoreID

func (m *Azure) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Azure.

func (*Azure) SetTags

func (m *Azure) SetTags(v Tags)

SetTags sets the tags of the Azure.

type AzureCertificate

type AzureCertificate struct {
	// The application ID to authenticate with.
	AppID string `json:"appId"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The service Principal certificate file, both private and public key included.
	ClientCertificate string `json:"clientCertificate"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The tenant ID to authenticate to.
	TenantID string `json:"tenantId"`
}

func (*AzureCertificate) GetBindInterface

func (m *AzureCertificate) GetBindInterface() string

GetBindInterface returns the bind interface of the AzureCertificate.

func (*AzureCertificate) GetEgressFilter

func (m *AzureCertificate) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AzureCertificate.

func (*AzureCertificate) GetID

func (m *AzureCertificate) GetID() string

GetID returns the unique identifier of the AzureCertificate.

func (*AzureCertificate) GetName

func (m *AzureCertificate) GetName() string

GetName returns the name of the AzureCertificate.

func (*AzureCertificate) GetSecretStoreID

func (m *AzureCertificate) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AzureCertificate.

func (*AzureCertificate) GetTags

func (m *AzureCertificate) GetTags() Tags

GetTags returns the tags of the AzureCertificate.

func (*AzureCertificate) SetBindInterface

func (m *AzureCertificate) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AzureCertificate.

func (*AzureCertificate) SetEgressFilter

func (m *AzureCertificate) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AzureCertificate.

func (*AzureCertificate) SetName

func (m *AzureCertificate) SetName(v string)

SetName sets the name of the AzureCertificate.

func (*AzureCertificate) SetSecretStoreID

func (m *AzureCertificate) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AzureCertificate.

func (*AzureCertificate) SetTags

func (m *AzureCertificate) SetTags(v Tags)

SetTags sets the tags of the AzureCertificate.

type AzureMysql

type AzureMysql struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AzureMysql) GetBindInterface

func (m *AzureMysql) GetBindInterface() string

GetBindInterface returns the bind interface of the AzureMysql.

func (*AzureMysql) GetEgressFilter

func (m *AzureMysql) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AzureMysql.

func (*AzureMysql) GetID

func (m *AzureMysql) GetID() string

GetID returns the unique identifier of the AzureMysql.

func (*AzureMysql) GetName

func (m *AzureMysql) GetName() string

GetName returns the name of the AzureMysql.

func (*AzureMysql) GetSecretStoreID

func (m *AzureMysql) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AzureMysql.

func (*AzureMysql) GetTags

func (m *AzureMysql) GetTags() Tags

GetTags returns the tags of the AzureMysql.

func (*AzureMysql) SetBindInterface

func (m *AzureMysql) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AzureMysql.

func (*AzureMysql) SetEgressFilter

func (m *AzureMysql) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AzureMysql.

func (*AzureMysql) SetName

func (m *AzureMysql) SetName(v string)

SetName sets the name of the AzureMysql.

func (*AzureMysql) SetSecretStoreID

func (m *AzureMysql) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AzureMysql.

func (*AzureMysql) SetTags

func (m *AzureMysql) SetTags(v Tags)

SetTags sets the tags of the AzureMysql.

type AzurePostgres

type AzurePostgres struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with. For Azure Postgres, this also will include the hostname of the target server for Azure Single Server compatibility. For Flexible servers, use the normal Postgres type.
	Username string `json:"username"`
}

func (*AzurePostgres) GetBindInterface

func (m *AzurePostgres) GetBindInterface() string

GetBindInterface returns the bind interface of the AzurePostgres.

func (*AzurePostgres) GetEgressFilter

func (m *AzurePostgres) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AzurePostgres.

func (*AzurePostgres) GetID

func (m *AzurePostgres) GetID() string

GetID returns the unique identifier of the AzurePostgres.

func (*AzurePostgres) GetName

func (m *AzurePostgres) GetName() string

GetName returns the name of the AzurePostgres.

func (*AzurePostgres) GetSecretStoreID

func (m *AzurePostgres) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AzurePostgres.

func (*AzurePostgres) GetTags

func (m *AzurePostgres) GetTags() Tags

GetTags returns the tags of the AzurePostgres.

func (*AzurePostgres) SetBindInterface

func (m *AzurePostgres) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AzurePostgres.

func (*AzurePostgres) SetEgressFilter

func (m *AzurePostgres) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AzurePostgres.

func (*AzurePostgres) SetName

func (m *AzurePostgres) SetName(v string)

SetName sets the name of the AzurePostgres.

func (*AzurePostgres) SetSecretStoreID

func (m *AzurePostgres) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AzurePostgres.

func (*AzurePostgres) SetTags

func (m *AzurePostgres) SetTags(v Tags)

SetTags sets the tags of the AzurePostgres.

type AzurePostgresManagedIdentity

type AzurePostgresManagedIdentity struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*AzurePostgresManagedIdentity) GetBindInterface

func (m *AzurePostgresManagedIdentity) GetBindInterface() string

GetBindInterface returns the bind interface of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) GetEgressFilter

func (m *AzurePostgresManagedIdentity) GetEgressFilter() string

GetEgressFilter returns the egress filter of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) GetID

GetID returns the unique identifier of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) GetName

func (m *AzurePostgresManagedIdentity) GetName() string

GetName returns the name of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) GetSecretStoreID

func (m *AzurePostgresManagedIdentity) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) GetTags

func (m *AzurePostgresManagedIdentity) GetTags() Tags

GetTags returns the tags of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) SetBindInterface

func (m *AzurePostgresManagedIdentity) SetBindInterface(v string)

SetBindInterface sets the bind interface of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) SetEgressFilter

func (m *AzurePostgresManagedIdentity) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) SetName

func (m *AzurePostgresManagedIdentity) SetName(v string)

SetName sets the name of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) SetSecretStoreID

func (m *AzurePostgresManagedIdentity) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the AzurePostgresManagedIdentity.

func (*AzurePostgresManagedIdentity) SetTags

func (m *AzurePostgresManagedIdentity) SetTags(v Tags)

SetTags sets the tags of the AzurePostgresManagedIdentity.

type AzureStore

type AzureStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The URI of the key vault to target e.g. https://myvault.vault.azure.net
	VaultUri string `json:"vaultUri"`
}

func (*AzureStore) GetID

func (m *AzureStore) GetID() string

GetID returns the unique identifier of the AzureStore.

func (*AzureStore) GetName

func (m *AzureStore) GetName() string

GetName returns the name of the AzureStore.

func (*AzureStore) GetTags

func (m *AzureStore) GetTags() Tags

GetTags returns the tags of the AzureStore.

func (*AzureStore) SetName

func (m *AzureStore) SetName(v string)

SetName sets the name of the AzureStore.

func (*AzureStore) SetTags

func (m *AzureStore) SetTags(v Tags)

SetTags sets the tags of the AzureStore.

type BadRequestError

type BadRequestError struct {
	// Message is the error content.
	Message string
}

BadRequestError identifies a bad request sent by the client

func (BadRequestError) Code

func (e BadRequestError) Code() int

func (BadRequestError) Error

func (e BadRequestError) Error() string

type BigQuery

type BigQuery struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The JSON Private key to authenticate with.
	PrivateKey string `json:"privateKey"`
	// The project to connect to.
	Project string `json:"project"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*BigQuery) GetBindInterface

func (m *BigQuery) GetBindInterface() string

GetBindInterface returns the bind interface of the BigQuery.

func (*BigQuery) GetEgressFilter

func (m *BigQuery) GetEgressFilter() string

GetEgressFilter returns the egress filter of the BigQuery.

func (*BigQuery) GetID

func (m *BigQuery) GetID() string

GetID returns the unique identifier of the BigQuery.

func (*BigQuery) GetName

func (m *BigQuery) GetName() string

GetName returns the name of the BigQuery.

func (*BigQuery) GetSecretStoreID

func (m *BigQuery) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the BigQuery.

func (*BigQuery) GetTags

func (m *BigQuery) GetTags() Tags

GetTags returns the tags of the BigQuery.

func (*BigQuery) SetBindInterface

func (m *BigQuery) SetBindInterface(v string)

SetBindInterface sets the bind interface of the BigQuery.

func (*BigQuery) SetEgressFilter

func (m *BigQuery) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the BigQuery.

func (*BigQuery) SetName

func (m *BigQuery) SetName(v string)

SetName sets the name of the BigQuery.

func (*BigQuery) SetSecretStoreID

func (m *BigQuery) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the BigQuery.

func (*BigQuery) SetTags

func (m *BigQuery) SetTags(v Tags)

SetTags sets the tags of the BigQuery.

type Cassandra

type Cassandra struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Cassandra) GetBindInterface

func (m *Cassandra) GetBindInterface() string

GetBindInterface returns the bind interface of the Cassandra.

func (*Cassandra) GetEgressFilter

func (m *Cassandra) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Cassandra.

func (*Cassandra) GetID

func (m *Cassandra) GetID() string

GetID returns the unique identifier of the Cassandra.

func (*Cassandra) GetName

func (m *Cassandra) GetName() string

GetName returns the name of the Cassandra.

func (*Cassandra) GetSecretStoreID

func (m *Cassandra) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Cassandra.

func (*Cassandra) GetTags

func (m *Cassandra) GetTags() Tags

GetTags returns the tags of the Cassandra.

func (*Cassandra) SetBindInterface

func (m *Cassandra) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Cassandra.

func (*Cassandra) SetEgressFilter

func (m *Cassandra) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Cassandra.

func (*Cassandra) SetName

func (m *Cassandra) SetName(v string)

SetName sets the name of the Cassandra.

func (*Cassandra) SetSecretStoreID

func (m *Cassandra) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Cassandra.

func (*Cassandra) SetTags

func (m *Cassandra) SetTags(v Tags)

SetTags sets the tags of the Cassandra.

type Citus

type Citus struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Citus) GetBindInterface

func (m *Citus) GetBindInterface() string

GetBindInterface returns the bind interface of the Citus.

func (*Citus) GetEgressFilter

func (m *Citus) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Citus.

func (*Citus) GetID

func (m *Citus) GetID() string

GetID returns the unique identifier of the Citus.

func (*Citus) GetName

func (m *Citus) GetName() string

GetName returns the name of the Citus.

func (*Citus) GetSecretStoreID

func (m *Citus) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Citus.

func (*Citus) GetTags

func (m *Citus) GetTags() Tags

GetTags returns the tags of the Citus.

func (*Citus) SetBindInterface

func (m *Citus) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Citus.

func (*Citus) SetEgressFilter

func (m *Citus) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Citus.

func (*Citus) SetName

func (m *Citus) SetName(v string)

SetName sets the name of the Citus.

func (*Citus) SetSecretStoreID

func (m *Citus) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Citus.

func (*Citus) SetTags

func (m *Citus) SetTags(v Tags)

SetTags sets the tags of the Citus.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is the strongDM API client implementation.

func New

func New(token, secret string, opts ...ClientOption) (*Client, error)

New creates a new strongDM API client.

func (*Client) AccessRequestEventsHistory

func (c *Client) AccessRequestEventsHistory() *AccessRequestEventsHistory

AccessRequestEventsHistory provides records of all changes to the state of an AccessRequest.

func (*Client) AccessRequests

func (c *Client) AccessRequests() *AccessRequests

AccessRequests are requests for access to a resource that may match a Workflow.

func (*Client) AccessRequestsHistory

func (c *Client) AccessRequestsHistory() *AccessRequestsHistory

AccessRequestsHistory provides records of all changes to the state of an AccessRequest.

func (*Client) AccountAttachments

func (c *Client) AccountAttachments() *AccountAttachments

AccountAttachments assign an account to a role.

func (*Client) AccountAttachmentsHistory

func (c *Client) AccountAttachmentsHistory() *AccountAttachmentsHistory

AccountAttachmentsHistory records all changes to the state of an AccountAttachment.

func (*Client) AccountGrants

func (c *Client) AccountGrants() *AccountGrants

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

func (*Client) AccountGrantsHistory

func (c *Client) AccountGrantsHistory() *AccountGrantsHistory

AccountGrantsHistory records all changes to the state of an AccountGrant.

func (*Client) AccountPermissions

func (c *Client) AccountPermissions() *AccountPermissions

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

func (*Client) AccountResources

func (c *Client) AccountResources() *AccountResources

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

func (*Client) AccountResourcesHistory

func (c *Client) AccountResourcesHistory() *AccountResourcesHistory

AccountResourcesHistory records all changes to the state of a AccountResource.

func (*Client) Accounts

func (c *Client) Accounts() *Accounts

Accounts are users that have access to strongDM. There are two types of accounts: 1. **Users:** humans who are authenticated through username and password or SSO. 2. **Service Accounts:** machines that are authenticated using a service token. 3. **Tokens** are access keys with permissions that can be used for authentication.

func (*Client) AccountsHistory

func (c *Client) AccountsHistory() *AccountsHistory

AccountsHistory records all changes to the state of an Account.

func (*Client) Activities

func (c *Client) Activities() *Activities

An Activity is a record of an action taken against a strongDM deployment, e.g. a user creation, resource deletion, sso configuration change, etc. The Activities service is read-only.

func (*Client) ApprovalWorkflowApprovers

func (c *Client) ApprovalWorkflowApprovers() *ApprovalWorkflowApprovers

ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

func (*Client) ApprovalWorkflowApproversHistory

func (c *Client) ApprovalWorkflowApproversHistory() *ApprovalWorkflowApproversHistory

ApprovalWorkflowApproversHistory records all changes to the state of an ApprovalWorkflowApprover.

func (*Client) ApprovalWorkflowSteps

func (c *Client) ApprovalWorkflowSteps() *ApprovalWorkflowSteps

ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

func (*Client) ApprovalWorkflowStepsHistory

func (c *Client) ApprovalWorkflowStepsHistory() *ApprovalWorkflowStepsHistory

ApprovalWorkflowStepsHistory records all changes to the state of an ApprovalWorkflowStep.

func (*Client) ApprovalWorkflows

func (c *Client) ApprovalWorkflows() *ApprovalWorkflows

ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

func (*Client) ApprovalWorkflowsHistory

func (c *Client) ApprovalWorkflowsHistory() *ApprovalWorkflowsHistory

ApprovalWorkflowsHistory records all changes to the state of an ApprovalWorkflow.

func (*Client) Close

func (c *Client) Close() error

Close will close the internal GRPC connection to strongDM. If the client is not initialized will return an error. Attempting to use the client after Close() may cause panics.

func (*Client) ControlPanel

func (c *Client) ControlPanel() *ControlPanel

ControlPanel contains all administrative controls.

func (*Client) Nodes

func (c *Client) Nodes() *Nodes

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes: - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers. - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

func (*Client) NodesHistory

func (c *Client) NodesHistory() *NodesHistory

NodesHistory records all changes to the state of a Node.

func (*Client) OrganizationHistory

func (c *Client) OrganizationHistory() *OrganizationHistory

OrganizationHistory records all changes to the state of an Organization.

func (*Client) PeeringGroupNodes

func (c *Client) PeeringGroupNodes() *PeeringGroupNodes

PeeringGroupNodes provides the building blocks necessary to obtain attach a node to a peering group.

func (*Client) PeeringGroupPeers

func (c *Client) PeeringGroupPeers() *PeeringGroupPeers

PeeringGroupPeers provides the building blocks necessary to link two peering groups.

func (*Client) PeeringGroupResources

func (c *Client) PeeringGroupResources() *PeeringGroupResources

PeeringGroupResources provides the building blocks necessary to obtain attach a resource to a peering group.

func (*Client) PeeringGroups

func (c *Client) PeeringGroups() *PeeringGroups

PeeringGroups provides the building blocks necessary to obtain explicit network topology and routing.

func (*Client) Queries

func (c *Client) Queries() *Queries

A Query is a record of a single client request to a resource, such as a SQL query. Long-running SSH, RDP, or Kubernetes interactive sessions also count as queries. The Queries service is read-only.

func (*Client) RemoteIdentities

func (c *Client) RemoteIdentities() *RemoteIdentities

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

func (*Client) RemoteIdentitiesHistory

func (c *Client) RemoteIdentitiesHistory() *RemoteIdentitiesHistory

RemoteIdentitiesHistory records all changes to the state of a RemoteIdentity.

func (*Client) RemoteIdentityGroups

func (c *Client) RemoteIdentityGroups() *RemoteIdentityGroups

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

func (*Client) RemoteIdentityGroupsHistory

func (c *Client) RemoteIdentityGroupsHistory() *RemoteIdentityGroupsHistory

RemoteIdentityGroupsHistory records all changes to the state of a RemoteIdentityGroup.

func (*Client) Replays

func (c *Client) Replays() *Replays

A Replay captures the data transferred over a long-running SSH, RDP, or Kubernetes interactive session (otherwise referred to as a query). The Replays service is read-only.

func (*Client) Resources

func (c *Client) Resources() *Resources

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

func (*Client) ResourcesHistory

func (c *Client) ResourcesHistory() *ResourcesHistory

ResourcesHistory records all changes to the state of a Resource.

func (*Client) RoleResources

func (c *Client) RoleResources() *RoleResources

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

func (*Client) RoleResourcesHistory

func (c *Client) RoleResourcesHistory() *RoleResourcesHistory

RoleResourcesHistory records all changes to the state of a RoleResource.

func (*Client) Roles

func (c *Client) Roles() *Roles

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

func (*Client) RolesHistory

func (c *Client) RolesHistory() *RolesHistory

RolesHistory records all changes to the state of a Role.

func (*Client) SecretStoreHealths

func (c *Client) SecretStoreHealths() *SecretStoreHealths

SecretStoreHealths exposes health states for secret stores.

func (*Client) SecretStores

func (c *Client) SecretStores() *SecretStores

SecretStores are servers where resource secrets (passwords, keys) are stored.

func (*Client) SecretStoresHistory

func (c *Client) SecretStoresHistory() *SecretStoresHistory

SecretStoresHistory records all changes to the state of a SecretStore.

func (*Client) Sign

func (c *Client) Sign(methodName string, message []byte) string

Sign returns the signature for the given byte array

func (*Client) SnapshotAt

func (c *Client) SnapshotAt(t time.Time) *SnapshotClient

SnapshotAt constructs a read-only client that will provide historical data from the provided timestamp.

func (*Client) WorkflowApprovers

func (c *Client) WorkflowApprovers() *WorkflowApprovers

WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

func (*Client) WorkflowApproversHistory

func (c *Client) WorkflowApproversHistory() *WorkflowApproversHistory

WorkflowApproversHistory provides records of all changes to the state of a WorkflowApprover.

func (*Client) WorkflowAssignments

func (c *Client) WorkflowAssignments() *WorkflowAssignments

WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

func (*Client) WorkflowAssignmentsHistory

func (c *Client) WorkflowAssignmentsHistory() *WorkflowAssignmentsHistory

WorkflowAssignmentsHistory provides records of all changes to the state of a WorkflowAssignment.

func (*Client) WorkflowRoles

func (c *Client) WorkflowRoles() *WorkflowRoles

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

func (*Client) WorkflowRolesHistory

func (c *Client) WorkflowRolesHistory() *WorkflowRolesHistory

WorkflowRolesHistory provides records of all changes to the state of a WorkflowRole

func (*Client) Workflows

func (c *Client) Workflows() *Workflows

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

func (*Client) WorkflowsHistory

func (c *Client) WorkflowsHistory() *WorkflowsHistory

WorkflowsHistory provides records of all changes to the state of a Workflow.

type ClientOption

type ClientOption func(c *Client)

A ClientOption is an optional argument to New that can override the created client's default behavior.

func WithHost

func WithHost(host string) ClientOption

WithHost causes a Client to make it's calls against the provided host instead of against api.strongdm.com.

func WithInsecure

func WithInsecure() ClientOption

WithInsecure enables a Client to talk to an http server instead of an https server. This is potentially useful when communicating through a proxy, but should be used with care.

func WithPageLimit

func WithPageLimit(limit int) ClientOption

WithPageLimit will set the page limit used for list commands i.e. the number of results that list calls will return per request to the StrongDM control plane. The interface for listing does not directly expose this limit, but it may be useful to manipulate it to reduce network callouts, or optimize clients if expecting few results. If not provided, the default is 50.

func WithRateLimitRetries

func WithRateLimitRetries(enabled bool) ClientOption

WithRateLimitRetries configures whether encountered rate limit errors should cause this client to sleep and retry (if enabled), or whether those errors should be exposed to the code using this client (if disabled). By default, it is enabled.

func WithTLSConfig

func WithTLSConfig(cfg *tls.Config) ClientOption

WithTLSConfig allows customization of the TLS configuration used to communicate with the API server.

func WithUserAgentExtra

func WithUserAgentExtra(userAgentExtra string) ClientOption

WithUserAgentExtra modifies the user agent string to include additional identifying information for server-side analytics. The intended use is by extension libraries, like a terraform provider wrapping this client.

type Clustrix

type Clustrix struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Clustrix) GetBindInterface

func (m *Clustrix) GetBindInterface() string

GetBindInterface returns the bind interface of the Clustrix.

func (*Clustrix) GetEgressFilter

func (m *Clustrix) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Clustrix.

func (*Clustrix) GetID

func (m *Clustrix) GetID() string

GetID returns the unique identifier of the Clustrix.

func (*Clustrix) GetName

func (m *Clustrix) GetName() string

GetName returns the name of the Clustrix.

func (*Clustrix) GetSecretStoreID

func (m *Clustrix) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Clustrix.

func (*Clustrix) GetTags

func (m *Clustrix) GetTags() Tags

GetTags returns the tags of the Clustrix.

func (*Clustrix) SetBindInterface

func (m *Clustrix) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Clustrix.

func (*Clustrix) SetEgressFilter

func (m *Clustrix) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Clustrix.

func (*Clustrix) SetName

func (m *Clustrix) SetName(v string)

SetName sets the name of the Clustrix.

func (*Clustrix) SetSecretStoreID

func (m *Clustrix) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Clustrix.

func (*Clustrix) SetTags

func (m *Clustrix) SetTags(v Tags)

SetTags sets the tags of the Clustrix.

type Cockroach

type Cockroach struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Cockroach) GetBindInterface

func (m *Cockroach) GetBindInterface() string

GetBindInterface returns the bind interface of the Cockroach.

func (*Cockroach) GetEgressFilter

func (m *Cockroach) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Cockroach.

func (*Cockroach) GetID

func (m *Cockroach) GetID() string

GetID returns the unique identifier of the Cockroach.

func (*Cockroach) GetName

func (m *Cockroach) GetName() string

GetName returns the name of the Cockroach.

func (*Cockroach) GetSecretStoreID

func (m *Cockroach) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Cockroach.

func (*Cockroach) GetTags

func (m *Cockroach) GetTags() Tags

GetTags returns the tags of the Cockroach.

func (*Cockroach) SetBindInterface

func (m *Cockroach) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Cockroach.

func (*Cockroach) SetEgressFilter

func (m *Cockroach) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Cockroach.

func (*Cockroach) SetName

func (m *Cockroach) SetName(v string)

SetName sets the name of the Cockroach.

func (*Cockroach) SetSecretStoreID

func (m *Cockroach) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Cockroach.

func (*Cockroach) SetTags

func (m *Cockroach) SetTags(v Tags)

SetTags sets the tags of the Cockroach.

type ContextCanceledError

type ContextCanceledError struct {
	// Wrapped is a underlying error.
	Wrapped error
}

ContextCanceledError indicates an operation was canceled.

func (*ContextCanceledError) Code

func (e *ContextCanceledError) Code() int

func (*ContextCanceledError) Error

func (e *ContextCanceledError) Error() string

func (*ContextCanceledError) Unwrap

func (e *ContextCanceledError) Unwrap() error

type ControlPanel

type ControlPanel struct {
	// contains filtered or unexported fields
}

ControlPanel contains all administrative controls.

func (*ControlPanel) GetRDPCAPublicKey

func (svc *ControlPanel) GetRDPCAPublicKey(
	ctx context.Context) (
	*ControlPanelGetRDPCAPublicKeyResponse,
	error)

GetRDPCAPublicKey retrieves the RDP CA public key.

func (*ControlPanel) GetSSHCAPublicKey

func (svc *ControlPanel) GetSSHCAPublicKey(
	ctx context.Context) (
	*ControlPanelGetSSHCAPublicKeyResponse,
	error)

GetSSHCAPublicKey retrieves the SSH CA public key.

func (*ControlPanel) VerifyJWT

func (svc *ControlPanel) VerifyJWT(
	ctx context.Context,
	token string) (
	*ControlPanelVerifyJWTResponse,
	error)

VerifyJWT reports whether the given JWT token (x-sdm-token) is valid.

type ControlPanelGetRDPCAPublicKeyResponse

type ControlPanelGetRDPCAPublicKeyResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The public key of the SSH Certificate Authority, in OpenSSH RSA public
	// key format.
	PublicKey string `json:"publicKey"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ControlPanelGetRDPCAPublicKeyResponse represents a request for an organization's RDP Certificate Authority public key.

type ControlPanelGetSSHCAPublicKeyResponse

type ControlPanelGetSSHCAPublicKeyResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The public key of the SSH Certificate Authority, in OpenSSH RSA public
	// key format.
	PublicKey string `json:"publicKey"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ControlPanelGetSSHCAPublicKeyResponse represents a request for an organization's SSH Certificate Authority public key.

type ControlPanelVerifyJWTResponse

type ControlPanelVerifyJWTResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// Reports if the given token is valid.
	ValID bool `json:"valid"`
}

ControlPanelVerifyJWTResponse reports whether x-sdm-token is valid.

type CreateResponseMetadata

type CreateResponseMetadata struct {
}

CreateResponseMetadata is reserved for future use.

type CyberarkConjurStore

type CyberarkConjurStore struct {
	// The URL of the Cyberark instance
	AppURL string `json:"appUrl"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*CyberarkConjurStore) GetID

func (m *CyberarkConjurStore) GetID() string

GetID returns the unique identifier of the CyberarkConjurStore.

func (*CyberarkConjurStore) GetName

func (m *CyberarkConjurStore) GetName() string

GetName returns the name of the CyberarkConjurStore.

func (*CyberarkConjurStore) GetTags

func (m *CyberarkConjurStore) GetTags() Tags

GetTags returns the tags of the CyberarkConjurStore.

func (*CyberarkConjurStore) SetName

func (m *CyberarkConjurStore) SetName(v string)

SetName sets the name of the CyberarkConjurStore.

func (*CyberarkConjurStore) SetTags

func (m *CyberarkConjurStore) SetTags(v Tags)

SetTags sets the tags of the CyberarkConjurStore.

type CyberarkPAMExperimentalStore

type CyberarkPAMExperimentalStore struct {
	// The URL of the Cyberark instance
	AppURL string `json:"appUrl"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

CyberarkPAMExperimentalStore is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*CyberarkPAMExperimentalStore) GetID

GetID returns the unique identifier of the CyberarkPAMExperimentalStore.

func (*CyberarkPAMExperimentalStore) GetName

func (m *CyberarkPAMExperimentalStore) GetName() string

GetName returns the name of the CyberarkPAMExperimentalStore.

func (*CyberarkPAMExperimentalStore) GetTags

func (m *CyberarkPAMExperimentalStore) GetTags() Tags

GetTags returns the tags of the CyberarkPAMExperimentalStore.

func (*CyberarkPAMExperimentalStore) SetName

func (m *CyberarkPAMExperimentalStore) SetName(v string)

SetName sets the name of the CyberarkPAMExperimentalStore.

func (*CyberarkPAMExperimentalStore) SetTags

func (m *CyberarkPAMExperimentalStore) SetTags(v Tags)

SetTags sets the tags of the CyberarkPAMExperimentalStore.

type CyberarkPAMStore

type CyberarkPAMStore struct {
	// The URL of the Cyberark instance
	AppURL string `json:"appUrl"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*CyberarkPAMStore) GetID

func (m *CyberarkPAMStore) GetID() string

GetID returns the unique identifier of the CyberarkPAMStore.

func (*CyberarkPAMStore) GetName

func (m *CyberarkPAMStore) GetName() string

GetName returns the name of the CyberarkPAMStore.

func (*CyberarkPAMStore) GetTags

func (m *CyberarkPAMStore) GetTags() Tags

GetTags returns the tags of the CyberarkPAMStore.

func (*CyberarkPAMStore) SetName

func (m *CyberarkPAMStore) SetName(v string)

SetName sets the name of the CyberarkPAMStore.

func (*CyberarkPAMStore) SetTags

func (m *CyberarkPAMStore) SetTags(v Tags)

SetTags sets the tags of the CyberarkPAMStore.

type DB2I

type DB2I struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*DB2I) GetBindInterface

func (m *DB2I) GetBindInterface() string

GetBindInterface returns the bind interface of the DB2I.

func (*DB2I) GetEgressFilter

func (m *DB2I) GetEgressFilter() string

GetEgressFilter returns the egress filter of the DB2I.

func (*DB2I) GetID

func (m *DB2I) GetID() string

GetID returns the unique identifier of the DB2I.

func (*DB2I) GetName

func (m *DB2I) GetName() string

GetName returns the name of the DB2I.

func (*DB2I) GetSecretStoreID

func (m *DB2I) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the DB2I.

func (*DB2I) GetTags

func (m *DB2I) GetTags() Tags

GetTags returns the tags of the DB2I.

func (*DB2I) SetBindInterface

func (m *DB2I) SetBindInterface(v string)

SetBindInterface sets the bind interface of the DB2I.

func (*DB2I) SetEgressFilter

func (m *DB2I) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the DB2I.

func (*DB2I) SetName

func (m *DB2I) SetName(v string)

SetName sets the name of the DB2I.

func (*DB2I) SetSecretStoreID

func (m *DB2I) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the DB2I.

func (*DB2I) SetTags

func (m *DB2I) SetTags(v Tags)

SetTags sets the tags of the DB2I.

type DB2LUW

type DB2LUW struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*DB2LUW) GetBindInterface

func (m *DB2LUW) GetBindInterface() string

GetBindInterface returns the bind interface of the DB2LUW.

func (*DB2LUW) GetEgressFilter

func (m *DB2LUW) GetEgressFilter() string

GetEgressFilter returns the egress filter of the DB2LUW.

func (*DB2LUW) GetID

func (m *DB2LUW) GetID() string

GetID returns the unique identifier of the DB2LUW.

func (*DB2LUW) GetName

func (m *DB2LUW) GetName() string

GetName returns the name of the DB2LUW.

func (*DB2LUW) GetSecretStoreID

func (m *DB2LUW) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the DB2LUW.

func (*DB2LUW) GetTags

func (m *DB2LUW) GetTags() Tags

GetTags returns the tags of the DB2LUW.

func (*DB2LUW) SetBindInterface

func (m *DB2LUW) SetBindInterface(v string)

SetBindInterface sets the bind interface of the DB2LUW.

func (*DB2LUW) SetEgressFilter

func (m *DB2LUW) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the DB2LUW.

func (*DB2LUW) SetName

func (m *DB2LUW) SetName(v string)

SetName sets the name of the DB2LUW.

func (*DB2LUW) SetSecretStoreID

func (m *DB2LUW) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the DB2LUW.

func (*DB2LUW) SetTags

func (m *DB2LUW) SetTags(v Tags)

SetTags sets the tags of the DB2LUW.

type DeadlineExceededError

type DeadlineExceededError struct {
	// Wrapped is a underlying error.
	Wrapped error
}

DeadlineExceededError indicates a timeout occurred.

func (*DeadlineExceededError) Code

func (e *DeadlineExceededError) Code() int

func (*DeadlineExceededError) Error

func (e *DeadlineExceededError) Error() string

func (*DeadlineExceededError) Unwrap

func (e *DeadlineExceededError) Unwrap() error

type DeleteResponseMetadata

type DeleteResponseMetadata struct {
}

DeleteResponseMetadata is reserved for future use.

type DelineaStore

type DelineaStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The URL of the Delinea instance
	ServerUrl string `json:"serverUrl"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The tenant name to target
	TenantName string `json:"tenantName"`
}

func (*DelineaStore) GetID

func (m *DelineaStore) GetID() string

GetID returns the unique identifier of the DelineaStore.

func (*DelineaStore) GetName

func (m *DelineaStore) GetName() string

GetName returns the name of the DelineaStore.

func (*DelineaStore) GetTags

func (m *DelineaStore) GetTags() Tags

GetTags returns the tags of the DelineaStore.

func (*DelineaStore) SetName

func (m *DelineaStore) SetName(v string)

SetName sets the name of the DelineaStore.

func (*DelineaStore) SetTags

func (m *DelineaStore) SetTags(v Tags)

SetTags sets the tags of the DelineaStore.

type DocumentDBHost

type DocumentDBHost struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*DocumentDBHost) GetBindInterface

func (m *DocumentDBHost) GetBindInterface() string

GetBindInterface returns the bind interface of the DocumentDBHost.

func (*DocumentDBHost) GetEgressFilter

func (m *DocumentDBHost) GetEgressFilter() string

GetEgressFilter returns the egress filter of the DocumentDBHost.

func (*DocumentDBHost) GetID

func (m *DocumentDBHost) GetID() string

GetID returns the unique identifier of the DocumentDBHost.

func (*DocumentDBHost) GetName

func (m *DocumentDBHost) GetName() string

GetName returns the name of the DocumentDBHost.

func (*DocumentDBHost) GetSecretStoreID

func (m *DocumentDBHost) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the DocumentDBHost.

func (*DocumentDBHost) GetTags

func (m *DocumentDBHost) GetTags() Tags

GetTags returns the tags of the DocumentDBHost.

func (*DocumentDBHost) SetBindInterface

func (m *DocumentDBHost) SetBindInterface(v string)

SetBindInterface sets the bind interface of the DocumentDBHost.

func (*DocumentDBHost) SetEgressFilter

func (m *DocumentDBHost) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the DocumentDBHost.

func (*DocumentDBHost) SetName

func (m *DocumentDBHost) SetName(v string)

SetName sets the name of the DocumentDBHost.

func (*DocumentDBHost) SetSecretStoreID

func (m *DocumentDBHost) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the DocumentDBHost.

func (*DocumentDBHost) SetTags

func (m *DocumentDBHost) SetTags(v Tags)

SetTags sets the tags of the DocumentDBHost.

type DocumentDBReplicaSet

type DocumentDBReplicaSet struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// Set to connect to a replica instead of the primary node.
	ConnectToReplica bool `json:"connectToReplica"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Hostname must contain the hostname/port pairs of all instances in the replica set separated by commas.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The name of the mongo replicaset.
	ReplicaSet string `json:"replicaSet"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*DocumentDBReplicaSet) GetBindInterface

func (m *DocumentDBReplicaSet) GetBindInterface() string

GetBindInterface returns the bind interface of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) GetEgressFilter

func (m *DocumentDBReplicaSet) GetEgressFilter() string

GetEgressFilter returns the egress filter of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) GetID

func (m *DocumentDBReplicaSet) GetID() string

GetID returns the unique identifier of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) GetName

func (m *DocumentDBReplicaSet) GetName() string

GetName returns the name of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) GetSecretStoreID

func (m *DocumentDBReplicaSet) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) GetTags

func (m *DocumentDBReplicaSet) GetTags() Tags

GetTags returns the tags of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) SetBindInterface

func (m *DocumentDBReplicaSet) SetBindInterface(v string)

SetBindInterface sets the bind interface of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) SetEgressFilter

func (m *DocumentDBReplicaSet) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) SetName

func (m *DocumentDBReplicaSet) SetName(v string)

SetName sets the name of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) SetSecretStoreID

func (m *DocumentDBReplicaSet) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the DocumentDBReplicaSet.

func (*DocumentDBReplicaSet) SetTags

func (m *DocumentDBReplicaSet) SetTags(v Tags)

SetTags sets the tags of the DocumentDBReplicaSet.

type Druid

type Druid struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Druid) GetBindInterface

func (m *Druid) GetBindInterface() string

GetBindInterface returns the bind interface of the Druid.

func (*Druid) GetEgressFilter

func (m *Druid) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Druid.

func (*Druid) GetID

func (m *Druid) GetID() string

GetID returns the unique identifier of the Druid.

func (*Druid) GetName

func (m *Druid) GetName() string

GetName returns the name of the Druid.

func (*Druid) GetSecretStoreID

func (m *Druid) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Druid.

func (*Druid) GetTags

func (m *Druid) GetTags() Tags

GetTags returns the tags of the Druid.

func (*Druid) SetBindInterface

func (m *Druid) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Druid.

func (*Druid) SetEgressFilter

func (m *Druid) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Druid.

func (*Druid) SetName

func (m *Druid) SetName(v string)

SetName sets the name of the Druid.

func (*Druid) SetSecretStoreID

func (m *Druid) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Druid.

func (*Druid) SetTags

func (m *Druid) SetTags(v Tags)

SetTags sets the tags of the Druid.

type DynamoDB

type DynamoDB struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial e.g. dynamodb.region.amazonaws.com
	Endpoint string `json:"endpoint"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The region to authenticate requests against e.g. us-east-1
	Region string `json:"region"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*DynamoDB) GetBindInterface

func (m *DynamoDB) GetBindInterface() string

GetBindInterface returns the bind interface of the DynamoDB.

func (*DynamoDB) GetEgressFilter

func (m *DynamoDB) GetEgressFilter() string

GetEgressFilter returns the egress filter of the DynamoDB.

func (*DynamoDB) GetID

func (m *DynamoDB) GetID() string

GetID returns the unique identifier of the DynamoDB.

func (*DynamoDB) GetName

func (m *DynamoDB) GetName() string

GetName returns the name of the DynamoDB.

func (*DynamoDB) GetSecretStoreID

func (m *DynamoDB) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the DynamoDB.

func (*DynamoDB) GetTags

func (m *DynamoDB) GetTags() Tags

GetTags returns the tags of the DynamoDB.

func (*DynamoDB) SetBindInterface

func (m *DynamoDB) SetBindInterface(v string)

SetBindInterface sets the bind interface of the DynamoDB.

func (*DynamoDB) SetEgressFilter

func (m *DynamoDB) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the DynamoDB.

func (*DynamoDB) SetName

func (m *DynamoDB) SetName(v string)

SetName sets the name of the DynamoDB.

func (*DynamoDB) SetSecretStoreID

func (m *DynamoDB) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the DynamoDB.

func (*DynamoDB) SetTags

func (m *DynamoDB) SetTags(v Tags)

SetTags sets the tags of the DynamoDB.

type Elastic

type Elastic struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Elastic) GetBindInterface

func (m *Elastic) GetBindInterface() string

GetBindInterface returns the bind interface of the Elastic.

func (*Elastic) GetEgressFilter

func (m *Elastic) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Elastic.

func (*Elastic) GetID

func (m *Elastic) GetID() string

GetID returns the unique identifier of the Elastic.

func (*Elastic) GetName

func (m *Elastic) GetName() string

GetName returns the name of the Elastic.

func (*Elastic) GetSecretStoreID

func (m *Elastic) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Elastic.

func (*Elastic) GetTags

func (m *Elastic) GetTags() Tags

GetTags returns the tags of the Elastic.

func (*Elastic) SetBindInterface

func (m *Elastic) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Elastic.

func (*Elastic) SetEgressFilter

func (m *Elastic) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Elastic.

func (*Elastic) SetName

func (m *Elastic) SetName(v string)

SetName sets the name of the Elastic.

func (*Elastic) SetSecretStoreID

func (m *Elastic) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Elastic.

func (*Elastic) SetTags

func (m *Elastic) SetTags(v Tags)

SetTags sets the tags of the Elastic.

type ElasticacheRedis

type ElasticacheRedis struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*ElasticacheRedis) GetBindInterface

func (m *ElasticacheRedis) GetBindInterface() string

GetBindInterface returns the bind interface of the ElasticacheRedis.

func (*ElasticacheRedis) GetEgressFilter

func (m *ElasticacheRedis) GetEgressFilter() string

GetEgressFilter returns the egress filter of the ElasticacheRedis.

func (*ElasticacheRedis) GetID

func (m *ElasticacheRedis) GetID() string

GetID returns the unique identifier of the ElasticacheRedis.

func (*ElasticacheRedis) GetName

func (m *ElasticacheRedis) GetName() string

GetName returns the name of the ElasticacheRedis.

func (*ElasticacheRedis) GetSecretStoreID

func (m *ElasticacheRedis) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the ElasticacheRedis.

func (*ElasticacheRedis) GetTags

func (m *ElasticacheRedis) GetTags() Tags

GetTags returns the tags of the ElasticacheRedis.

func (*ElasticacheRedis) SetBindInterface

func (m *ElasticacheRedis) SetBindInterface(v string)

SetBindInterface sets the bind interface of the ElasticacheRedis.

func (*ElasticacheRedis) SetEgressFilter

func (m *ElasticacheRedis) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the ElasticacheRedis.

func (*ElasticacheRedis) SetName

func (m *ElasticacheRedis) SetName(v string)

SetName sets the name of the ElasticacheRedis.

func (*ElasticacheRedis) SetSecretStoreID

func (m *ElasticacheRedis) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the ElasticacheRedis.

func (*ElasticacheRedis) SetTags

func (m *ElasticacheRedis) SetTags(v Tags)

SetTags sets the tags of the ElasticacheRedis.

type Error

type Error interface {
	// Code returns the gRPC error code
	Code() int
	error
}

Error is a generic RPC error indicating something went wrong at the transport layer. Use Code() and Unwrap() to inspect the actual failed condition.

type GCP

type GCP struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// The service account keyfile to authenticate with.
	Keyfile string `json:"keyfile"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Space separated scopes that this login should assume into when authenticating.
	Scopes string `json:"scopes"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*GCP) GetBindInterface

func (m *GCP) GetBindInterface() string

GetBindInterface returns the bind interface of the GCP.

func (*GCP) GetEgressFilter

func (m *GCP) GetEgressFilter() string

GetEgressFilter returns the egress filter of the GCP.

func (*GCP) GetID

func (m *GCP) GetID() string

GetID returns the unique identifier of the GCP.

func (*GCP) GetName

func (m *GCP) GetName() string

GetName returns the name of the GCP.

func (*GCP) GetSecretStoreID

func (m *GCP) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the GCP.

func (*GCP) GetTags

func (m *GCP) GetTags() Tags

GetTags returns the tags of the GCP.

func (*GCP) SetBindInterface

func (m *GCP) SetBindInterface(v string)

SetBindInterface sets the bind interface of the GCP.

func (*GCP) SetEgressFilter

func (m *GCP) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the GCP.

func (*GCP) SetName

func (m *GCP) SetName(v string)

SetName sets the name of the GCP.

func (*GCP) SetSecretStoreID

func (m *GCP) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the GCP.

func (*GCP) SetTags

func (m *GCP) SetTags(v Tags)

SetTags sets the tags of the GCP.

type GCPCertX509Store

type GCPCertX509Store struct {
	// The ID of the target CA
	CaID string `json:"caId"`
	// The ID of the target CA pool
	CaPoolID string `json:"caPoolId"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA represented in minutes.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// The Region for the CA in GCP format e.g. us-west1
	Location string `json:"location"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The GCP project ID to target.
	ProjectID string `json:"projectId"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*GCPCertX509Store) GetID

func (m *GCPCertX509Store) GetID() string

GetID returns the unique identifier of the GCPCertX509Store.

func (*GCPCertX509Store) GetName

func (m *GCPCertX509Store) GetName() string

GetName returns the name of the GCPCertX509Store.

func (*GCPCertX509Store) GetTags

func (m *GCPCertX509Store) GetTags() Tags

GetTags returns the tags of the GCPCertX509Store.

func (*GCPCertX509Store) SetName

func (m *GCPCertX509Store) SetName(v string)

SetName sets the name of the GCPCertX509Store.

func (*GCPCertX509Store) SetTags

func (m *GCPCertX509Store) SetTags(v Tags)

SetTags sets the tags of the GCPCertX509Store.

type GCPStore

type GCPStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The GCP project ID to target.
	ProjectID string `json:"projectId"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*GCPStore) GetID

func (m *GCPStore) GetID() string

GetID returns the unique identifier of the GCPStore.

func (*GCPStore) GetName

func (m *GCPStore) GetName() string

GetName returns the name of the GCPStore.

func (*GCPStore) GetTags

func (m *GCPStore) GetTags() Tags

GetTags returns the tags of the GCPStore.

func (*GCPStore) SetName

func (m *GCPStore) SetName(v string)

SetName sets the name of the GCPStore.

func (*GCPStore) SetTags

func (m *GCPStore) SetTags(v Tags)

SetTags sets the tags of the GCPStore.

type Gateway

type Gateway struct {
	// The hostname/port tuple which the gateway daemon will bind to.
	// If not provided on create, set to "0.0.0.0:listen_address_port".
	BindAddress string `json:"bindAddress"`
	// Device is a read only device name uploaded by the gateway process when
	// it comes online.
	Device string `json:"device"`
	// GatewayFilter can be used to restrict the peering between relays and
	// gateways. Deprecated.
	GatewayFilter string `json:"gatewayFilter"`
	// Unique identifier of the Gateway.
	ID string `json:"id"`
	// The public hostname/port tuple at which the gateway will be accessible to clients.
	ListenAddress string `json:"listenAddress"`
	// Location is a read only network location uploaded by the gateway process
	// when it comes online.
	Location string `json:"location"`
	// Maintenance Windows define when this node is allowed to restart. If a node
	// is requested to restart, it will check each window to determine if any of
	// them permit it to restart, and if any do, it will. This check is repeated
	// per window until the restart is successfully completed.
	//
	// If not set here, may be set on the command line or via an environment variable
	// on the process itself; any server setting will take precedence over local
	// settings. This setting is ineffective for nodes below version 38.44.0.
	//
	// If this setting is not applied via this remote configuration or via local
	// configuration, the default setting is used: always allow restarts if serving
	// no connections, and allow a restart even if serving connections between 7-8 UTC, any day.
	MaintenanceWindows []*NodeMaintenanceWindow `json:"maintenanceWindows"`
	// Unique human-readable name of the Gateway. Node names must include only letters, numbers, and hyphens (no spaces, underscores, or other special characters). Generated if not provided on create.
	Name string `json:"name"`
	// The current state of the gateway. One of: "new", "verifying_restart",
	// "restarting", "started", "stopped", "dead", "unknown"
	State string `json:"state"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// Version is a read only sdm binary version uploaded by the gateway process
	// when it comes online.
	Version string `json:"version"`
}

Gateway represents a StrongDM CLI installation running in gateway mode.

func (*Gateway) GetID

func (m *Gateway) GetID() string

GetID returns the unique identifier of the Gateway.

func (*Gateway) GetName

func (m *Gateway) GetName() string

GetName returns the name of the Gateway.

func (*Gateway) GetTags

func (m *Gateway) GetTags() Tags

GetTags returns the tags of the Gateway.

func (*Gateway) SetName

func (m *Gateway) SetName(v string)

SetName sets the name of the Gateway.

func (*Gateway) SetTags

func (m *Gateway) SetTags(v Tags)

SetTags sets the tags of the Gateway.

type GetResponseMetadata

type GetResponseMetadata struct {
}

GetResponseMetadata is reserved for future use.

type GoogleGKE

type GoogleGKE struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// The service account key to authenticate with.
	ServiceAccountKey string `json:"serviceAccountKey"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*GoogleGKE) GetBindInterface

func (m *GoogleGKE) GetBindInterface() string

GetBindInterface returns the bind interface of the GoogleGKE.

func (*GoogleGKE) GetEgressFilter

func (m *GoogleGKE) GetEgressFilter() string

GetEgressFilter returns the egress filter of the GoogleGKE.

func (*GoogleGKE) GetID

func (m *GoogleGKE) GetID() string

GetID returns the unique identifier of the GoogleGKE.

func (*GoogleGKE) GetName

func (m *GoogleGKE) GetName() string

GetName returns the name of the GoogleGKE.

func (*GoogleGKE) GetSecretStoreID

func (m *GoogleGKE) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the GoogleGKE.

func (*GoogleGKE) GetTags

func (m *GoogleGKE) GetTags() Tags

GetTags returns the tags of the GoogleGKE.

func (*GoogleGKE) SetBindInterface

func (m *GoogleGKE) SetBindInterface(v string)

SetBindInterface sets the bind interface of the GoogleGKE.

func (*GoogleGKE) SetEgressFilter

func (m *GoogleGKE) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the GoogleGKE.

func (*GoogleGKE) SetName

func (m *GoogleGKE) SetName(v string)

SetName sets the name of the GoogleGKE.

func (*GoogleGKE) SetSecretStoreID

func (m *GoogleGKE) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the GoogleGKE.

func (*GoogleGKE) SetTags

func (m *GoogleGKE) SetTags(v Tags)

SetTags sets the tags of the GoogleGKE.

type GoogleGKEUserImpersonation

type GoogleGKEUserImpersonation struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The endpoint to dial.
	Endpoint string `json:"endpoint"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// The service account key to authenticate with.
	ServiceAccountKey string `json:"serviceAccountKey"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*GoogleGKEUserImpersonation) GetBindInterface

func (m *GoogleGKEUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) GetEgressFilter

func (m *GoogleGKEUserImpersonation) GetEgressFilter() string

GetEgressFilter returns the egress filter of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) GetID

GetID returns the unique identifier of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) GetName

func (m *GoogleGKEUserImpersonation) GetName() string

GetName returns the name of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) GetSecretStoreID

func (m *GoogleGKEUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) GetTags

func (m *GoogleGKEUserImpersonation) GetTags() Tags

GetTags returns the tags of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) SetBindInterface

func (m *GoogleGKEUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) SetEgressFilter

func (m *GoogleGKEUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) SetName

func (m *GoogleGKEUserImpersonation) SetName(v string)

SetName sets the name of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) SetSecretStoreID

func (m *GoogleGKEUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the GoogleGKEUserImpersonation.

func (*GoogleGKEUserImpersonation) SetTags

func (m *GoogleGKEUserImpersonation) SetTags(v Tags)

SetTags sets the tags of the GoogleGKEUserImpersonation.

type Greenplum

type Greenplum struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Greenplum) GetBindInterface

func (m *Greenplum) GetBindInterface() string

GetBindInterface returns the bind interface of the Greenplum.

func (*Greenplum) GetEgressFilter

func (m *Greenplum) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Greenplum.

func (*Greenplum) GetID

func (m *Greenplum) GetID() string

GetID returns the unique identifier of the Greenplum.

func (*Greenplum) GetName

func (m *Greenplum) GetName() string

GetName returns the name of the Greenplum.

func (*Greenplum) GetSecretStoreID

func (m *Greenplum) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Greenplum.

func (*Greenplum) GetTags

func (m *Greenplum) GetTags() Tags

GetTags returns the tags of the Greenplum.

func (*Greenplum) SetBindInterface

func (m *Greenplum) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Greenplum.

func (*Greenplum) SetEgressFilter

func (m *Greenplum) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Greenplum.

func (*Greenplum) SetName

func (m *Greenplum) SetName(v string)

SetName sets the name of the Greenplum.

func (*Greenplum) SetSecretStoreID

func (m *Greenplum) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Greenplum.

func (*Greenplum) SetTags

func (m *Greenplum) SetTags(v Tags)

SetTags sets the tags of the Greenplum.

type HTTPAuth

type HTTPAuth struct {
	// The content to set as the authorization header.
	AuthHeader string `json:"authHeader"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// Automatically redirect to this path upon connecting.
	DefaultPath string `json:"defaultPath"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// Header names (e.g. Authorization), to omit from logs.
	HeadersBlacklist string `json:"headersBlacklist"`
	// This path will be used to check the health of your site.
	HealthcheckPath string `json:"healthcheckPath"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host header will be overwritten with this field if provided.
	HostOverride string `json:"hostOverride"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The base address of your website without the path.
	Url string `json:"url"`
}

func (*HTTPAuth) GetBindInterface

func (m *HTTPAuth) GetBindInterface() string

GetBindInterface returns the bind interface of the HTTPAuth.

func (*HTTPAuth) GetEgressFilter

func (m *HTTPAuth) GetEgressFilter() string

GetEgressFilter returns the egress filter of the HTTPAuth.

func (*HTTPAuth) GetID

func (m *HTTPAuth) GetID() string

GetID returns the unique identifier of the HTTPAuth.

func (*HTTPAuth) GetName

func (m *HTTPAuth) GetName() string

GetName returns the name of the HTTPAuth.

func (*HTTPAuth) GetSecretStoreID

func (m *HTTPAuth) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the HTTPAuth.

func (*HTTPAuth) GetTags

func (m *HTTPAuth) GetTags() Tags

GetTags returns the tags of the HTTPAuth.

func (*HTTPAuth) SetBindInterface

func (m *HTTPAuth) SetBindInterface(v string)

SetBindInterface sets the bind interface of the HTTPAuth.

func (*HTTPAuth) SetEgressFilter

func (m *HTTPAuth) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the HTTPAuth.

func (*HTTPAuth) SetName

func (m *HTTPAuth) SetName(v string)

SetName sets the name of the HTTPAuth.

func (*HTTPAuth) SetSecretStoreID

func (m *HTTPAuth) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the HTTPAuth.

func (*HTTPAuth) SetTags

func (m *HTTPAuth) SetTags(v Tags)

SetTags sets the tags of the HTTPAuth.

type HTTPBasicAuth

type HTTPBasicAuth struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// Automatically redirect to this path upon connecting.
	DefaultPath string `json:"defaultPath"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// Header names (e.g. Authorization), to omit from logs.
	HeadersBlacklist string `json:"headersBlacklist"`
	// This path will be used to check the health of your site.
	HealthcheckPath string `json:"healthcheckPath"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host header will be overwritten with this field if provided.
	HostOverride string `json:"hostOverride"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The base address of your website without the path.
	Url string `json:"url"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*HTTPBasicAuth) GetBindInterface

func (m *HTTPBasicAuth) GetBindInterface() string

GetBindInterface returns the bind interface of the HTTPBasicAuth.

func (*HTTPBasicAuth) GetEgressFilter

func (m *HTTPBasicAuth) GetEgressFilter() string

GetEgressFilter returns the egress filter of the HTTPBasicAuth.

func (*HTTPBasicAuth) GetID

func (m *HTTPBasicAuth) GetID() string

GetID returns the unique identifier of the HTTPBasicAuth.

func (*HTTPBasicAuth) GetName

func (m *HTTPBasicAuth) GetName() string

GetName returns the name of the HTTPBasicAuth.

func (*HTTPBasicAuth) GetSecretStoreID

func (m *HTTPBasicAuth) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the HTTPBasicAuth.

func (*HTTPBasicAuth) GetTags

func (m *HTTPBasicAuth) GetTags() Tags

GetTags returns the tags of the HTTPBasicAuth.

func (*HTTPBasicAuth) SetBindInterface

func (m *HTTPBasicAuth) SetBindInterface(v string)

SetBindInterface sets the bind interface of the HTTPBasicAuth.

func (*HTTPBasicAuth) SetEgressFilter

func (m *HTTPBasicAuth) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the HTTPBasicAuth.

func (*HTTPBasicAuth) SetName

func (m *HTTPBasicAuth) SetName(v string)

SetName sets the name of the HTTPBasicAuth.

func (*HTTPBasicAuth) SetSecretStoreID

func (m *HTTPBasicAuth) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the HTTPBasicAuth.

func (*HTTPBasicAuth) SetTags

func (m *HTTPBasicAuth) SetTags(v Tags)

SetTags sets the tags of the HTTPBasicAuth.

type HTTPNoAuth

type HTTPNoAuth struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// Automatically redirect to this path upon connecting.
	DefaultPath string `json:"defaultPath"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// Header names (e.g. Authorization), to omit from logs.
	HeadersBlacklist string `json:"headersBlacklist"`
	// This path will be used to check the health of your site.
	HealthcheckPath string `json:"healthcheckPath"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host header will be overwritten with this field if provided.
	HostOverride string `json:"hostOverride"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The base address of your website without the path.
	Url string `json:"url"`
}

func (*HTTPNoAuth) GetBindInterface

func (m *HTTPNoAuth) GetBindInterface() string

GetBindInterface returns the bind interface of the HTTPNoAuth.

func (*HTTPNoAuth) GetEgressFilter

func (m *HTTPNoAuth) GetEgressFilter() string

GetEgressFilter returns the egress filter of the HTTPNoAuth.

func (*HTTPNoAuth) GetID

func (m *HTTPNoAuth) GetID() string

GetID returns the unique identifier of the HTTPNoAuth.

func (*HTTPNoAuth) GetName

func (m *HTTPNoAuth) GetName() string

GetName returns the name of the HTTPNoAuth.

func (*HTTPNoAuth) GetSecretStoreID

func (m *HTTPNoAuth) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the HTTPNoAuth.

func (*HTTPNoAuth) GetTags

func (m *HTTPNoAuth) GetTags() Tags

GetTags returns the tags of the HTTPNoAuth.

func (*HTTPNoAuth) SetBindInterface

func (m *HTTPNoAuth) SetBindInterface(v string)

SetBindInterface sets the bind interface of the HTTPNoAuth.

func (*HTTPNoAuth) SetEgressFilter

func (m *HTTPNoAuth) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the HTTPNoAuth.

func (*HTTPNoAuth) SetName

func (m *HTTPNoAuth) SetName(v string)

SetName sets the name of the HTTPNoAuth.

func (*HTTPNoAuth) SetSecretStoreID

func (m *HTTPNoAuth) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the HTTPNoAuth.

func (*HTTPNoAuth) SetTags

func (m *HTTPNoAuth) SetTags(v Tags)

SetTags sets the tags of the HTTPNoAuth.

type InternalError

type InternalError struct {
	// Message is the error content.
	Message string
}

InternalError is used to specify an internal system error

func (InternalError) Code

func (e InternalError) Code() int

func (InternalError) Error

func (e InternalError) Error() string

type KeyfactorSSHStore added in v8.3.0

type KeyfactorSSHStore struct {
	// Path to the root CA that signed the certificate passed to the client for HTTPS connection.
	// This is not required if the CA is trusted by the host operating system. This should be a PEM
	// formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
	CaFilePath string `json:"caFilePath"`
	// Path to client certificate in PEM format. This certificate must contain a client certificate that
	// is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private
	// key associated with the certificate, but KeyFile can also be set to configure the private key.
	CertificateFilePath string `json:"certificateFilePath"`
	// Name of EJBCA certificate authority that will enroll CSR.
	DefaultCertificateAuthorityName string `json:"defaultCertificateAuthorityName"`
	// Certificate profile name that EJBCA will enroll the CSR with.
	DefaultCertificateProfileName string `json:"defaultCertificateProfileName"`
	// End entity profile that EJBCA will enroll the CSR with.
	DefaultEndEntityProfileName string `json:"defaultEndEntityProfileName"`
	// code used by EJBCA during enrollment. May be left blank if no code is required.
	EnrollmentCodeEnvVar string `json:"enrollmentCodeEnvVar"`
	// username that used by the EJBCA during enrollment. This can be left out.
	// If so, the username must be auto-generated on the Keyfactor side.
	EnrollmentUsernameEnvVar string `json:"enrollmentUsernameEnvVar"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Path to private key in PEM format. This file should contain the private key associated with the
	// client certificate configured in CertificateFile.
	KeyFilePath string `json:"keyFilePath"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// the host of the Key Factor CA
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*KeyfactorSSHStore) GetID added in v8.3.0

func (m *KeyfactorSSHStore) GetID() string

GetID returns the unique identifier of the KeyfactorSSHStore.

func (*KeyfactorSSHStore) GetName added in v8.3.0

func (m *KeyfactorSSHStore) GetName() string

GetName returns the name of the KeyfactorSSHStore.

func (*KeyfactorSSHStore) GetTags added in v8.3.0

func (m *KeyfactorSSHStore) GetTags() Tags

GetTags returns the tags of the KeyfactorSSHStore.

func (*KeyfactorSSHStore) SetName added in v8.3.0

func (m *KeyfactorSSHStore) SetName(v string)

SetName sets the name of the KeyfactorSSHStore.

func (*KeyfactorSSHStore) SetTags added in v8.3.0

func (m *KeyfactorSSHStore) SetTags(v Tags)

SetTags sets the tags of the KeyfactorSSHStore.

type KeyfactorX509Store added in v8.1.0

type KeyfactorX509Store struct {
	// Path to the root CA that signed the certificate passed to the client for HTTPS connection.
	// This is not required if the CA is trusted by the host operating system. This should be a PEM
	// formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
	CaFilePath string `json:"caFilePath"`
	// Path to client certificate in PEM format. This certificate must contain a client certificate that
	// is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private
	// key associated with the certificate, but KeyFile can also be set to configure the private key.
	CertificateFilePath string `json:"certificateFilePath"`
	// Name of EJBCA certificate authority that will enroll CSR.
	DefaultCertificateAuthorityName string `json:"defaultCertificateAuthorityName"`
	// Certificate profile name that EJBCA will enroll the CSR with.
	DefaultCertificateProfileName string `json:"defaultCertificateProfileName"`
	// End entity profile that EJBCA will enroll the CSR with.
	DefaultEndEntityProfileName string `json:"defaultEndEntityProfileName"`
	// code used by EJBCA during enrollment. May be left blank if no code is required.
	EnrollmentCodeEnvVar string `json:"enrollmentCodeEnvVar"`
	// username that used by the EJBCA during enrollment. This can be left out.
	// If so, the username must be auto-generated on the Keyfactor side.
	EnrollmentUsernameEnvVar string `json:"enrollmentUsernameEnvVar"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Path to private key in PEM format. This file should contain the private key associated with the
	// client certificate configured in CertificateFile.
	KeyFilePath string `json:"keyFilePath"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// the host of the Key Factor CA
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*KeyfactorX509Store) GetID added in v8.1.0

func (m *KeyfactorX509Store) GetID() string

GetID returns the unique identifier of the KeyfactorX509Store.

func (*KeyfactorX509Store) GetName added in v8.1.0

func (m *KeyfactorX509Store) GetName() string

GetName returns the name of the KeyfactorX509Store.

func (*KeyfactorX509Store) GetTags added in v8.1.0

func (m *KeyfactorX509Store) GetTags() Tags

GetTags returns the tags of the KeyfactorX509Store.

func (*KeyfactorX509Store) SetName added in v8.1.0

func (m *KeyfactorX509Store) SetName(v string)

SetName sets the name of the KeyfactorX509Store.

func (*KeyfactorX509Store) SetTags added in v8.1.0

func (m *KeyfactorX509Store) SetTags(v Tags)

SetTags sets the tags of the KeyfactorX509Store.

type Kubernetes

type Kubernetes struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The certificate to authenticate TLS connections with.
	ClientCertificate string `json:"clientCertificate"`
	// The key to authenticate TLS connections with.
	ClientKey string `json:"clientKey"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*Kubernetes) GetBindInterface

func (m *Kubernetes) GetBindInterface() string

GetBindInterface returns the bind interface of the Kubernetes.

func (*Kubernetes) GetEgressFilter

func (m *Kubernetes) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Kubernetes.

func (*Kubernetes) GetID

func (m *Kubernetes) GetID() string

GetID returns the unique identifier of the Kubernetes.

func (*Kubernetes) GetName

func (m *Kubernetes) GetName() string

GetName returns the name of the Kubernetes.

func (*Kubernetes) GetSecretStoreID

func (m *Kubernetes) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Kubernetes.

func (*Kubernetes) GetTags

func (m *Kubernetes) GetTags() Tags

GetTags returns the tags of the Kubernetes.

func (*Kubernetes) SetBindInterface

func (m *Kubernetes) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Kubernetes.

func (*Kubernetes) SetEgressFilter

func (m *Kubernetes) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Kubernetes.

func (*Kubernetes) SetName

func (m *Kubernetes) SetName(v string)

SetName sets the name of the Kubernetes.

func (*Kubernetes) SetSecretStoreID

func (m *Kubernetes) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Kubernetes.

func (*Kubernetes) SetTags

func (m *Kubernetes) SetTags(v Tags)

SetTags sets the tags of the Kubernetes.

type KubernetesBasicAuth

type KubernetesBasicAuth struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*KubernetesBasicAuth) GetBindInterface

func (m *KubernetesBasicAuth) GetBindInterface() string

GetBindInterface returns the bind interface of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) GetEgressFilter

func (m *KubernetesBasicAuth) GetEgressFilter() string

GetEgressFilter returns the egress filter of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) GetID

func (m *KubernetesBasicAuth) GetID() string

GetID returns the unique identifier of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) GetName

func (m *KubernetesBasicAuth) GetName() string

GetName returns the name of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) GetSecretStoreID

func (m *KubernetesBasicAuth) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) GetTags

func (m *KubernetesBasicAuth) GetTags() Tags

GetTags returns the tags of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) SetBindInterface

func (m *KubernetesBasicAuth) SetBindInterface(v string)

SetBindInterface sets the bind interface of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) SetEgressFilter

func (m *KubernetesBasicAuth) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) SetName

func (m *KubernetesBasicAuth) SetName(v string)

SetName sets the name of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) SetSecretStoreID

func (m *KubernetesBasicAuth) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the KubernetesBasicAuth.

func (*KubernetesBasicAuth) SetTags

func (m *KubernetesBasicAuth) SetTags(v Tags)

SetTags sets the tags of the KubernetesBasicAuth.

type KubernetesServiceAccount

type KubernetesServiceAccount struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The API token to authenticate with.
	Token string `json:"token"`
}

func (*KubernetesServiceAccount) GetBindInterface

func (m *KubernetesServiceAccount) GetBindInterface() string

GetBindInterface returns the bind interface of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) GetEgressFilter

func (m *KubernetesServiceAccount) GetEgressFilter() string

GetEgressFilter returns the egress filter of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) GetID

func (m *KubernetesServiceAccount) GetID() string

GetID returns the unique identifier of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) GetName

func (m *KubernetesServiceAccount) GetName() string

GetName returns the name of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) GetSecretStoreID

func (m *KubernetesServiceAccount) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) GetTags

func (m *KubernetesServiceAccount) GetTags() Tags

GetTags returns the tags of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) SetBindInterface

func (m *KubernetesServiceAccount) SetBindInterface(v string)

SetBindInterface sets the bind interface of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) SetEgressFilter

func (m *KubernetesServiceAccount) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) SetName

func (m *KubernetesServiceAccount) SetName(v string)

SetName sets the name of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) SetSecretStoreID

func (m *KubernetesServiceAccount) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the KubernetesServiceAccount.

func (*KubernetesServiceAccount) SetTags

func (m *KubernetesServiceAccount) SetTags(v Tags)

SetTags sets the tags of the KubernetesServiceAccount.

type KubernetesServiceAccountUserImpersonation

type KubernetesServiceAccountUserImpersonation struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The API token to authenticate with.
	Token string `json:"token"`
}

func (*KubernetesServiceAccountUserImpersonation) GetBindInterface

func (m *KubernetesServiceAccountUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) GetEgressFilter

GetEgressFilter returns the egress filter of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) GetID

GetID returns the unique identifier of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) GetName

GetName returns the name of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) GetSecretStoreID

func (m *KubernetesServiceAccountUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) GetTags

GetTags returns the tags of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) SetBindInterface

func (m *KubernetesServiceAccountUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) SetEgressFilter

func (m *KubernetesServiceAccountUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) SetName

SetName sets the name of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) SetSecretStoreID

func (m *KubernetesServiceAccountUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the KubernetesServiceAccountUserImpersonation.

func (*KubernetesServiceAccountUserImpersonation) SetTags

SetTags sets the tags of the KubernetesServiceAccountUserImpersonation.

type KubernetesUserImpersonation

type KubernetesUserImpersonation struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The certificate to authenticate TLS connections with.
	ClientCertificate string `json:"clientCertificate"`
	// The key to authenticate TLS connections with.
	ClientKey string `json:"clientKey"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The path used to check the health of your connection.  Defaults to `default`.
	HealthcheckNamespace string `json:"healthcheckNamespace"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*KubernetesUserImpersonation) GetBindInterface

func (m *KubernetesUserImpersonation) GetBindInterface() string

GetBindInterface returns the bind interface of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) GetEgressFilter

func (m *KubernetesUserImpersonation) GetEgressFilter() string

GetEgressFilter returns the egress filter of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) GetID

GetID returns the unique identifier of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) GetName

func (m *KubernetesUserImpersonation) GetName() string

GetName returns the name of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) GetSecretStoreID

func (m *KubernetesUserImpersonation) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) GetTags

func (m *KubernetesUserImpersonation) GetTags() Tags

GetTags returns the tags of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) SetBindInterface

func (m *KubernetesUserImpersonation) SetBindInterface(v string)

SetBindInterface sets the bind interface of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) SetEgressFilter

func (m *KubernetesUserImpersonation) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) SetName

func (m *KubernetesUserImpersonation) SetName(v string)

SetName sets the name of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) SetSecretStoreID

func (m *KubernetesUserImpersonation) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the KubernetesUserImpersonation.

func (*KubernetesUserImpersonation) SetTags

func (m *KubernetesUserImpersonation) SetTags(v Tags)

SetTags sets the tags of the KubernetesUserImpersonation.

type MTLSMysql

type MTLSMysql struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The certificate to authenticate TLS connections with.
	ClientCertificate string `json:"clientCertificate"`
	// The key to authenticate TLS connections with.
	ClientKey string `json:"clientKey"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Server name for TLS verification (unverified by StrongDM if empty)
	ServerName string `json:"serverName"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

MTLSMysql is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*MTLSMysql) GetBindInterface

func (m *MTLSMysql) GetBindInterface() string

GetBindInterface returns the bind interface of the MTLSMysql.

func (*MTLSMysql) GetEgressFilter

func (m *MTLSMysql) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MTLSMysql.

func (*MTLSMysql) GetID

func (m *MTLSMysql) GetID() string

GetID returns the unique identifier of the MTLSMysql.

func (*MTLSMysql) GetName

func (m *MTLSMysql) GetName() string

GetName returns the name of the MTLSMysql.

func (*MTLSMysql) GetSecretStoreID

func (m *MTLSMysql) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MTLSMysql.

func (*MTLSMysql) GetTags

func (m *MTLSMysql) GetTags() Tags

GetTags returns the tags of the MTLSMysql.

func (*MTLSMysql) SetBindInterface

func (m *MTLSMysql) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MTLSMysql.

func (*MTLSMysql) SetEgressFilter

func (m *MTLSMysql) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MTLSMysql.

func (*MTLSMysql) SetName

func (m *MTLSMysql) SetName(v string)

SetName sets the name of the MTLSMysql.

func (*MTLSMysql) SetSecretStoreID

func (m *MTLSMysql) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MTLSMysql.

func (*MTLSMysql) SetTags

func (m *MTLSMysql) SetTags(v Tags)

SetTags sets the tags of the MTLSMysql.

type MTLSPostgres

type MTLSPostgres struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The CA to authenticate TLS connections with.
	CertificateAuthority string `json:"certificateAuthority"`
	// The certificate to authenticate TLS connections with.
	ClientCertificate string `json:"clientCertificate"`
	// The key to authenticate TLS connections with.
	ClientKey string `json:"clientKey"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Server name for TLS verification (unverified by StrongDM if empty)
	ServerName string `json:"serverName"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*MTLSPostgres) GetBindInterface

func (m *MTLSPostgres) GetBindInterface() string

GetBindInterface returns the bind interface of the MTLSPostgres.

func (*MTLSPostgres) GetEgressFilter

func (m *MTLSPostgres) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MTLSPostgres.

func (*MTLSPostgres) GetID

func (m *MTLSPostgres) GetID() string

GetID returns the unique identifier of the MTLSPostgres.

func (*MTLSPostgres) GetName

func (m *MTLSPostgres) GetName() string

GetName returns the name of the MTLSPostgres.

func (*MTLSPostgres) GetSecretStoreID

func (m *MTLSPostgres) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MTLSPostgres.

func (*MTLSPostgres) GetTags

func (m *MTLSPostgres) GetTags() Tags

GetTags returns the tags of the MTLSPostgres.

func (*MTLSPostgres) SetBindInterface

func (m *MTLSPostgres) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MTLSPostgres.

func (*MTLSPostgres) SetEgressFilter

func (m *MTLSPostgres) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MTLSPostgres.

func (*MTLSPostgres) SetName

func (m *MTLSPostgres) SetName(v string)

SetName sets the name of the MTLSPostgres.

func (*MTLSPostgres) SetSecretStoreID

func (m *MTLSPostgres) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MTLSPostgres.

func (*MTLSPostgres) SetTags

func (m *MTLSPostgres) SetTags(v Tags)

SetTags sets the tags of the MTLSPostgres.

type Maria

type Maria struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Maria) GetBindInterface

func (m *Maria) GetBindInterface() string

GetBindInterface returns the bind interface of the Maria.

func (*Maria) GetEgressFilter

func (m *Maria) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Maria.

func (*Maria) GetID

func (m *Maria) GetID() string

GetID returns the unique identifier of the Maria.

func (*Maria) GetName

func (m *Maria) GetName() string

GetName returns the name of the Maria.

func (*Maria) GetSecretStoreID

func (m *Maria) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Maria.

func (*Maria) GetTags

func (m *Maria) GetTags() Tags

GetTags returns the tags of the Maria.

func (*Maria) SetBindInterface

func (m *Maria) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Maria.

func (*Maria) SetEgressFilter

func (m *Maria) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Maria.

func (*Maria) SetName

func (m *Maria) SetName(v string)

SetName sets the name of the Maria.

func (*Maria) SetSecretStoreID

func (m *Maria) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Maria.

func (*Maria) SetTags

func (m *Maria) SetTags(v Tags)

SetTags sets the tags of the Maria.

type Memcached

type Memcached struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*Memcached) GetBindInterface

func (m *Memcached) GetBindInterface() string

GetBindInterface returns the bind interface of the Memcached.

func (*Memcached) GetEgressFilter

func (m *Memcached) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Memcached.

func (*Memcached) GetID

func (m *Memcached) GetID() string

GetID returns the unique identifier of the Memcached.

func (*Memcached) GetName

func (m *Memcached) GetName() string

GetName returns the name of the Memcached.

func (*Memcached) GetSecretStoreID

func (m *Memcached) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Memcached.

func (*Memcached) GetTags

func (m *Memcached) GetTags() Tags

GetTags returns the tags of the Memcached.

func (*Memcached) SetBindInterface

func (m *Memcached) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Memcached.

func (*Memcached) SetEgressFilter

func (m *Memcached) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Memcached.

func (*Memcached) SetName

func (m *Memcached) SetName(v string)

SetName sets the name of the Memcached.

func (*Memcached) SetSecretStoreID

func (m *Memcached) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Memcached.

func (*Memcached) SetTags

func (m *Memcached) SetTags(v Tags)

SetTags sets the tags of the Memcached.

type Memsql

type Memsql struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Memsql) GetBindInterface

func (m *Memsql) GetBindInterface() string

GetBindInterface returns the bind interface of the Memsql.

func (*Memsql) GetEgressFilter

func (m *Memsql) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Memsql.

func (*Memsql) GetID

func (m *Memsql) GetID() string

GetID returns the unique identifier of the Memsql.

func (*Memsql) GetName

func (m *Memsql) GetName() string

GetName returns the name of the Memsql.

func (*Memsql) GetSecretStoreID

func (m *Memsql) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Memsql.

func (*Memsql) GetTags

func (m *Memsql) GetTags() Tags

GetTags returns the tags of the Memsql.

func (*Memsql) SetBindInterface

func (m *Memsql) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Memsql.

func (*Memsql) SetEgressFilter

func (m *Memsql) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Memsql.

func (*Memsql) SetName

func (m *Memsql) SetName(v string)

SetName sets the name of the Memsql.

func (*Memsql) SetSecretStoreID

func (m *Memsql) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Memsql.

func (*Memsql) SetTags

func (m *Memsql) SetTags(v Tags)

SetTags sets the tags of the Memsql.

type MongoHost

type MongoHost struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

MongoHost is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*MongoHost) GetBindInterface

func (m *MongoHost) GetBindInterface() string

GetBindInterface returns the bind interface of the MongoHost.

func (*MongoHost) GetEgressFilter

func (m *MongoHost) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MongoHost.

func (*MongoHost) GetID

func (m *MongoHost) GetID() string

GetID returns the unique identifier of the MongoHost.

func (*MongoHost) GetName

func (m *MongoHost) GetName() string

GetName returns the name of the MongoHost.

func (*MongoHost) GetSecretStoreID

func (m *MongoHost) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MongoHost.

func (*MongoHost) GetTags

func (m *MongoHost) GetTags() Tags

GetTags returns the tags of the MongoHost.

func (*MongoHost) SetBindInterface

func (m *MongoHost) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MongoHost.

func (*MongoHost) SetEgressFilter

func (m *MongoHost) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MongoHost.

func (*MongoHost) SetName

func (m *MongoHost) SetName(v string)

SetName sets the name of the MongoHost.

func (*MongoHost) SetSecretStoreID

func (m *MongoHost) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MongoHost.

func (*MongoHost) SetTags

func (m *MongoHost) SetTags(v Tags)

SetTags sets the tags of the MongoHost.

type MongoLegacyHost

type MongoLegacyHost struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The name of the mongo replicaset.
	ReplicaSet string `json:"replicaSet"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*MongoLegacyHost) GetBindInterface

func (m *MongoLegacyHost) GetBindInterface() string

GetBindInterface returns the bind interface of the MongoLegacyHost.

func (*MongoLegacyHost) GetEgressFilter

func (m *MongoLegacyHost) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MongoLegacyHost.

func (*MongoLegacyHost) GetID

func (m *MongoLegacyHost) GetID() string

GetID returns the unique identifier of the MongoLegacyHost.

func (*MongoLegacyHost) GetName

func (m *MongoLegacyHost) GetName() string

GetName returns the name of the MongoLegacyHost.

func (*MongoLegacyHost) GetSecretStoreID

func (m *MongoLegacyHost) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MongoLegacyHost.

func (*MongoLegacyHost) GetTags

func (m *MongoLegacyHost) GetTags() Tags

GetTags returns the tags of the MongoLegacyHost.

func (*MongoLegacyHost) SetBindInterface

func (m *MongoLegacyHost) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MongoLegacyHost.

func (*MongoLegacyHost) SetEgressFilter

func (m *MongoLegacyHost) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MongoLegacyHost.

func (*MongoLegacyHost) SetName

func (m *MongoLegacyHost) SetName(v string)

SetName sets the name of the MongoLegacyHost.

func (*MongoLegacyHost) SetSecretStoreID

func (m *MongoLegacyHost) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MongoLegacyHost.

func (*MongoLegacyHost) SetTags

func (m *MongoLegacyHost) SetTags(v Tags)

SetTags sets the tags of the MongoLegacyHost.

type MongoLegacyReplicaset

type MongoLegacyReplicaset struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// Set to connect to a replica instead of the primary node.
	ConnectToReplica bool `json:"connectToReplica"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The name of the mongo replicaset.
	ReplicaSet string `json:"replicaSet"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*MongoLegacyReplicaset) GetBindInterface

func (m *MongoLegacyReplicaset) GetBindInterface() string

GetBindInterface returns the bind interface of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) GetEgressFilter

func (m *MongoLegacyReplicaset) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) GetID

func (m *MongoLegacyReplicaset) GetID() string

GetID returns the unique identifier of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) GetName

func (m *MongoLegacyReplicaset) GetName() string

GetName returns the name of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) GetSecretStoreID

func (m *MongoLegacyReplicaset) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) GetTags

func (m *MongoLegacyReplicaset) GetTags() Tags

GetTags returns the tags of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) SetBindInterface

func (m *MongoLegacyReplicaset) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) SetEgressFilter

func (m *MongoLegacyReplicaset) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) SetName

func (m *MongoLegacyReplicaset) SetName(v string)

SetName sets the name of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) SetSecretStoreID

func (m *MongoLegacyReplicaset) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MongoLegacyReplicaset.

func (*MongoLegacyReplicaset) SetTags

func (m *MongoLegacyReplicaset) SetTags(v Tags)

SetTags sets the tags of the MongoLegacyReplicaset.

type MongoReplicaSet

type MongoReplicaSet struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// Set to connect to a replica instead of the primary node.
	ConnectToReplica bool `json:"connectToReplica"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The name of the mongo replicaset.
	ReplicaSet string `json:"replicaSet"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

MongoReplicaSet is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*MongoReplicaSet) GetBindInterface

func (m *MongoReplicaSet) GetBindInterface() string

GetBindInterface returns the bind interface of the MongoReplicaSet.

func (*MongoReplicaSet) GetEgressFilter

func (m *MongoReplicaSet) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MongoReplicaSet.

func (*MongoReplicaSet) GetID

func (m *MongoReplicaSet) GetID() string

GetID returns the unique identifier of the MongoReplicaSet.

func (*MongoReplicaSet) GetName

func (m *MongoReplicaSet) GetName() string

GetName returns the name of the MongoReplicaSet.

func (*MongoReplicaSet) GetSecretStoreID

func (m *MongoReplicaSet) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MongoReplicaSet.

func (*MongoReplicaSet) GetTags

func (m *MongoReplicaSet) GetTags() Tags

GetTags returns the tags of the MongoReplicaSet.

func (*MongoReplicaSet) SetBindInterface

func (m *MongoReplicaSet) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MongoReplicaSet.

func (*MongoReplicaSet) SetEgressFilter

func (m *MongoReplicaSet) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MongoReplicaSet.

func (*MongoReplicaSet) SetName

func (m *MongoReplicaSet) SetName(v string)

SetName sets the name of the MongoReplicaSet.

func (*MongoReplicaSet) SetSecretStoreID

func (m *MongoReplicaSet) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MongoReplicaSet.

func (*MongoReplicaSet) SetTags

func (m *MongoReplicaSet) SetTags(v Tags)

SetTags sets the tags of the MongoReplicaSet.

type MongoShardedCluster

type MongoShardedCluster struct {
	// The authentication database to use.
	AuthDatabase string `json:"authDatabase"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

MongoShardedCluster is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*MongoShardedCluster) GetBindInterface

func (m *MongoShardedCluster) GetBindInterface() string

GetBindInterface returns the bind interface of the MongoShardedCluster.

func (*MongoShardedCluster) GetEgressFilter

func (m *MongoShardedCluster) GetEgressFilter() string

GetEgressFilter returns the egress filter of the MongoShardedCluster.

func (*MongoShardedCluster) GetID

func (m *MongoShardedCluster) GetID() string

GetID returns the unique identifier of the MongoShardedCluster.

func (*MongoShardedCluster) GetName

func (m *MongoShardedCluster) GetName() string

GetName returns the name of the MongoShardedCluster.

func (*MongoShardedCluster) GetSecretStoreID

func (m *MongoShardedCluster) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the MongoShardedCluster.

func (*MongoShardedCluster) GetTags

func (m *MongoShardedCluster) GetTags() Tags

GetTags returns the tags of the MongoShardedCluster.

func (*MongoShardedCluster) SetBindInterface

func (m *MongoShardedCluster) SetBindInterface(v string)

SetBindInterface sets the bind interface of the MongoShardedCluster.

func (*MongoShardedCluster) SetEgressFilter

func (m *MongoShardedCluster) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the MongoShardedCluster.

func (*MongoShardedCluster) SetName

func (m *MongoShardedCluster) SetName(v string)

SetName sets the name of the MongoShardedCluster.

func (*MongoShardedCluster) SetSecretStoreID

func (m *MongoShardedCluster) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the MongoShardedCluster.

func (*MongoShardedCluster) SetTags

func (m *MongoShardedCluster) SetTags(v Tags)

SetTags sets the tags of the MongoShardedCluster.

type Mysql

type Mysql struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Mysql) GetBindInterface

func (m *Mysql) GetBindInterface() string

GetBindInterface returns the bind interface of the Mysql.

func (*Mysql) GetEgressFilter

func (m *Mysql) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Mysql.

func (*Mysql) GetID

func (m *Mysql) GetID() string

GetID returns the unique identifier of the Mysql.

func (*Mysql) GetName

func (m *Mysql) GetName() string

GetName returns the name of the Mysql.

func (*Mysql) GetSecretStoreID

func (m *Mysql) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Mysql.

func (*Mysql) GetTags

func (m *Mysql) GetTags() Tags

GetTags returns the tags of the Mysql.

func (*Mysql) SetBindInterface

func (m *Mysql) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Mysql.

func (*Mysql) SetEgressFilter

func (m *Mysql) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Mysql.

func (*Mysql) SetName

func (m *Mysql) SetName(v string)

SetName sets the name of the Mysql.

func (*Mysql) SetSecretStoreID

func (m *Mysql) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Mysql.

func (*Mysql) SetTags

func (m *Mysql) SetTags(v Tags)

SetTags sets the tags of the Mysql.

type Neptune

type Neptune struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The neptune endpoint to connect to as in endpoint.region.neptune.amazonaws.com
	Endpoint string `json:"endpoint"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*Neptune) GetBindInterface

func (m *Neptune) GetBindInterface() string

GetBindInterface returns the bind interface of the Neptune.

func (*Neptune) GetEgressFilter

func (m *Neptune) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Neptune.

func (*Neptune) GetID

func (m *Neptune) GetID() string

GetID returns the unique identifier of the Neptune.

func (*Neptune) GetName

func (m *Neptune) GetName() string

GetName returns the name of the Neptune.

func (*Neptune) GetSecretStoreID

func (m *Neptune) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Neptune.

func (*Neptune) GetTags

func (m *Neptune) GetTags() Tags

GetTags returns the tags of the Neptune.

func (*Neptune) SetBindInterface

func (m *Neptune) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Neptune.

func (*Neptune) SetEgressFilter

func (m *Neptune) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Neptune.

func (*Neptune) SetName

func (m *Neptune) SetName(v string)

SetName sets the name of the Neptune.

func (*Neptune) SetSecretStoreID

func (m *Neptune) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Neptune.

func (*Neptune) SetTags

func (m *Neptune) SetTags(v Tags)

SetTags sets the tags of the Neptune.

type NeptuneIAM

type NeptuneIAM struct {
	// The Access Key ID to use to authenticate.
	AccessKey string `json:"accessKey"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The neptune endpoint to connect to as in endpoint.region.neptune.amazonaws.com
	Endpoint string `json:"endpoint"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to.
	Region string `json:"region"`
	// The role to assume after logging in.
	RoleArn string `json:"roleArn"`
	// The external ID to associate with assume role requests. Does nothing if a role ARN is not provided.
	RoleExternalID string `json:"roleExternalId"`
	// The Secret Access Key to use to authenticate.
	SecretAccessKey string `json:"secretAccessKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*NeptuneIAM) GetBindInterface

func (m *NeptuneIAM) GetBindInterface() string

GetBindInterface returns the bind interface of the NeptuneIAM.

func (*NeptuneIAM) GetEgressFilter

func (m *NeptuneIAM) GetEgressFilter() string

GetEgressFilter returns the egress filter of the NeptuneIAM.

func (*NeptuneIAM) GetID

func (m *NeptuneIAM) GetID() string

GetID returns the unique identifier of the NeptuneIAM.

func (*NeptuneIAM) GetName

func (m *NeptuneIAM) GetName() string

GetName returns the name of the NeptuneIAM.

func (*NeptuneIAM) GetSecretStoreID

func (m *NeptuneIAM) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the NeptuneIAM.

func (*NeptuneIAM) GetTags

func (m *NeptuneIAM) GetTags() Tags

GetTags returns the tags of the NeptuneIAM.

func (*NeptuneIAM) SetBindInterface

func (m *NeptuneIAM) SetBindInterface(v string)

SetBindInterface sets the bind interface of the NeptuneIAM.

func (*NeptuneIAM) SetEgressFilter

func (m *NeptuneIAM) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the NeptuneIAM.

func (*NeptuneIAM) SetName

func (m *NeptuneIAM) SetName(v string)

SetName sets the name of the NeptuneIAM.

func (*NeptuneIAM) SetSecretStoreID

func (m *NeptuneIAM) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the NeptuneIAM.

func (*NeptuneIAM) SetTags

func (m *NeptuneIAM) SetTags(v Tags)

SetTags sets the tags of the NeptuneIAM.

type Node

type Node interface {
	// GetID returns the unique identifier of the Node.
	GetID() string
	// GetTags returns the tags of the Node.
	GetTags() Tags
	// SetTags sets the tags of the Node.
	SetTags(Tags)
	// GetName returns the name of the Node.
	GetName() string
	// SetName sets the name of the Node.
	SetName(string)
	// contains filtered or unexported methods
}

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes: 1. **Relay:** creates connectivity to your datasources, while maintaining the egress-only nature of your firewall 1. **Gateways:** a relay that also listens for connections from strongDM clients

type NodeCreateResponse

type NodeCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// The created Node.
	Node Node `json:"node"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The auth token generated for the Node. The Node will use this token to
	// authenticate with the strongDM API.
	Token string `json:"token"`
}

NodeCreateResponse reports how the Nodes were created in the system.

type NodeDeleteResponse

type NodeDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

NodeDeleteResponse returns information about a Node that was deleted.

type NodeGetResponse

type NodeGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The requested Node.
	Node Node `json:"node"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

NodeGetResponse returns a requested Node.

type NodeHistory

type NodeHistory struct {
	// The unique identifier of the Activity that produced this change to the Node.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Node was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete Node state at this time.
	Node Node `json:"node"`
	// The time at which the Node state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

NodeHistory records the state of a Node at a given point in time, where every change (create, update and delete) to a Node produces an NodeHistory record.

type NodeHistoryIterator

type NodeHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *NodeHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

NodeHistoryIterator provides read access to a list of NodeHistory. Use it like so:

for iterator.Next() {
    nodeHistory := iterator.Value()
    // ...
}

type NodeIterator

type NodeIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() Node
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

NodeIterator provides read access to a list of Node. Use it like so:

for iterator.Next() {
    node := iterator.Value()
    // ...
}

type NodeMaintenanceWindow

type NodeMaintenanceWindow struct {
	// Cron job syntax for when this maintenance window is active. On this schedule, associated
	// nodes will restart if requested, provided other checks allow the restart to proceed. Times
	// are represented in UTC.
	// e.g. * 7 * * 0,6 to check for a restart at every minute from 7:00 to 8:00 UTC on Sunday and
	// Saturday. Not all possible inputs are supported: the month and day of month selections
	// must be '*'.
	CronSchedule string `json:"cronSchedule"`
	// Require Idleness defines whether this window can sever live connections. If true,
	// this window will not allow a node to be restarted unless it is serving no connections.
	// If false, given a restart of the node has been requested (for an update, usually), the
	// node will restart as soon as it enters an allowed day / hour combination. At least one
	// maintenance window, out of all configured windows for a node, must have this as false.
	RequireIdleness bool `json:"requireIdleness"`
}

type NodeUpdateResponse

type NodeUpdateResponse struct {
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// The updated Node.
	Node Node `json:"node"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

NodeUpdateResponse returns the fields of a Node after it has been updated by a NodeUpdateRequest.

type Nodes

type Nodes struct {
	// contains filtered or unexported fields
}

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes: - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers. - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

func (*Nodes) Create

func (svc *Nodes) Create(
	ctx context.Context,
	node Node) (
	*NodeCreateResponse,
	error)

Create registers a new Node.

func (*Nodes) Delete

func (svc *Nodes) Delete(
	ctx context.Context,
	id string) (
	*NodeDeleteResponse,
	error)

Delete removes a Node by ID.

func (*Nodes) Get

func (svc *Nodes) Get(
	ctx context.Context,
	id string) (
	*NodeGetResponse,
	error)

Get reads one Node by ID.

func (*Nodes) List

func (svc *Nodes) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	NodeIterator,
	error)

List gets a list of Nodes matching a given set of criteria.

func (*Nodes) Update

func (svc *Nodes) Update(
	ctx context.Context,
	node Node) (
	*NodeUpdateResponse,
	error)

Update replaces all the fields of a Node by ID.

type NodesHistory

type NodesHistory struct {
	// contains filtered or unexported fields
}

NodesHistory records all changes to the state of a Node.

func (*NodesHistory) List

func (svc *NodesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	NodeHistoryIterator,
	error)

List gets a list of NodeHistory records matching a given set of criteria.

type NotFoundError

type NotFoundError struct {
	// Message is the error content.
	Message string
}

NotFoundError is used when an entity does not exist in the system

func (NotFoundError) Code

func (e NotFoundError) Code() int

func (NotFoundError) Error

func (e NotFoundError) Error() string

type Oracle

type Oracle struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Oracle) GetBindInterface

func (m *Oracle) GetBindInterface() string

GetBindInterface returns the bind interface of the Oracle.

func (*Oracle) GetEgressFilter

func (m *Oracle) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Oracle.

func (*Oracle) GetID

func (m *Oracle) GetID() string

GetID returns the unique identifier of the Oracle.

func (*Oracle) GetName

func (m *Oracle) GetName() string

GetName returns the name of the Oracle.

func (*Oracle) GetSecretStoreID

func (m *Oracle) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Oracle.

func (*Oracle) GetTags

func (m *Oracle) GetTags() Tags

GetTags returns the tags of the Oracle.

func (*Oracle) SetBindInterface

func (m *Oracle) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Oracle.

func (*Oracle) SetEgressFilter

func (m *Oracle) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Oracle.

func (*Oracle) SetName

func (m *Oracle) SetName(v string)

SetName sets the name of the Oracle.

func (*Oracle) SetSecretStoreID

func (m *Oracle) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Oracle.

func (*Oracle) SetTags

func (m *Oracle) SetTags(v Tags)

SetTags sets the tags of the Oracle.

type Organization

type Organization struct {
	// The Organization's authentication provider.
	AuthProvider string `json:"authProvider"`
	// The time at which the Organization was created.
	CreatedAt time.Time `json:"createdAt"`
	// The Organization's idle timeout, if enabled.
	IdleTimeout time.Duration `json:"idleTimeout"`
	// Indicates if the Organization has idle timeouts enabled.
	IdleTimeoutEnabled bool `json:"idleTimeoutEnabled"`
	// The Organization's type.
	Kind string `json:"kind"`
	// The Organization's local log encryption encoder.
	LogLocalEncoder string `json:"logLocalEncoder"`
	// The Organization's local log format.
	LogLocalFormat string `json:"logLocalFormat"`
	// The Organization's local log storage.
	LogLocalStorage string `json:"logLocalStorage"`
	// The Organization's remote log encryption encoder.
	LogRemoteEncoder string `json:"logRemoteEncoder"`
	// The Organization's socket path for Socket local log storage.
	LogSocketPath string `json:"logSocketPath"`
	// The Organization's TCP address for TCP or Syslog local log storage.
	LogTCPAddress string `json:"logTcpAddress"`
	// Indicates if the Organization has multi-factor authentication enabled.
	MFAEnabled bool `json:"mfaEnabled"`
	// The Organization's multi-factor authentication provider, if enabled.
	MFAProvider string `json:"mfaProvider"`
	// The Organization's name.
	Name string `json:"name"`
	// Indicates if the Organization requires secret stores.
	RequireSecretStore bool `json:"requireSecretStore"`
	// The Organization's URL for SAML metadata.
	SAMLMetadataURL string `json:"samlMetadataUrl"`
	// The Organization's SCIM provider.
	SCIMProvider string `json:"scimProvider"`
	// The Organization's label for sensitive resources.
	SensitiveLabel string `json:"sensitiveLabel"`
	// The Organization's session timeout, if enabled.
	SessionTimeout time.Duration `json:"sessionTimeout"`
	// Indicates if the Organization has session timeouts enabled.
	SessionTimeoutEnabled bool `json:"sessionTimeoutEnabled"`
	// The Organization's SSH certificate authority public key.
	SSHCertificateAuthorityPublicKey string `json:"sshCertificateAuthorityPublicKey"`
	// The time at which the Organization's SSH certificate authority was last updated.
	SSHCertificateAuthorityUpdatedAt time.Time `json:"sshCertificateAuthorityUpdatedAt"`
	// The time at which the Organization was last updated.
	UpdatedAt time.Time `json:"updatedAt"`
	// The Organization's web site domain.
	WebsitesSubdomain string `json:"websitesSubdomain"`
}

type OrganizationHistory

type OrganizationHistory struct {
	// contains filtered or unexported fields
}

OrganizationHistory records all changes to the state of an Organization.

func (*OrganizationHistory) List

func (svc *OrganizationHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	OrganizationHistoryRecordIterator,
	error)

List gets a list of OrganizationHistory records matching a given set of criteria.

type OrganizationHistoryRecord

type OrganizationHistoryRecord struct {
	// The unique identifier of the Activity that produced this change to the Organization.
	// May be empty for some system-initiated organization updates.
	ActivityID string `json:"activityId"`
	// The complete Organization state at this time.
	Organization *Organization `json:"organization"`
	// The time at which the Organization state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

OrganizationHistoryRecord records the state of an Organization at a given point in time, where every change to an Organization produces an OrganizationHistoryRecord.

type OrganizationHistoryRecordIterator

type OrganizationHistoryRecordIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *OrganizationHistoryRecord
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

OrganizationHistoryRecordIterator provides read access to a list of OrganizationHistoryRecord. Use it like so:

for iterator.Next() {
    organizationHistoryRecord := iterator.Value()
    // ...
}

type PeeringGroup

type PeeringGroup struct {
	// Unique identifier of the PeeringGroup.
	ID string `json:"id"`
	// Unique human-readable name of the PeeringGroup.
	Name string `json:"name"`
}

PeeringGroups are the building blocks used for explicit network topology making. They may be linked to other peering groups. Sets of PeeringGroupResource and PeeringGroupNode can be attached to a peering group.

type PeeringGroupCreateResponse

type PeeringGroupCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// The created PeeringGroup.
	PeeringGroup *PeeringGroup `json:"peeringGroup"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupCreateResponse reports how the PeeringGroup was created in the system.

type PeeringGroupDeleteResponse

type PeeringGroupDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupDeleteResponse returns information about a PeeringGroup that was deleted.

type PeeringGroupGetResponse

type PeeringGroupGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The requested PeeringGroup.
	PeeringGroup *PeeringGroup `json:"peeringGroup"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupGetResponse returns a requested PeeringGroup.

type PeeringGroupIterator

type PeeringGroupIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *PeeringGroup
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

PeeringGroupIterator provides read access to a list of PeeringGroup. Use it like so:

for iterator.Next() {
    peeringGroup := iterator.Value()
    // ...
}

type PeeringGroupNode

type PeeringGroupNode struct {
	// Peering Group ID to which the node will be attached to.
	GroupID string `json:"groupId"`
	// Unique identifier of the Attachment.
	ID string `json:"id"`
	// Node ID to be attached.
	NodeID string `json:"nodeId"`
}

PeeringGroupNode represents the attachment between a PeeringGroup and a Node.

type PeeringGroupNodeCreateResponse

type PeeringGroupNodeCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// The created PeeringGroupNode.
	PeeringGroupNode *PeeringGroupNode `json:"peeringGroupNode"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupNodeCreateResponse reports how the PeeringGroupNode was created in the system.

type PeeringGroupNodeDeleteResponse

type PeeringGroupNodeDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupNodeDeleteResponse returns information about a PeeringGroupNode that was deleted.

type PeeringGroupNodeGetResponse

type PeeringGroupNodeGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The requested PeeringGroupNode.
	PeeringGroupNode *PeeringGroupNode `json:"peeringGroupNode"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupNodeGetResponse returns a requested PeeringGroupNode.

type PeeringGroupNodeIterator

type PeeringGroupNodeIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *PeeringGroupNode
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

PeeringGroupNodeIterator provides read access to a list of PeeringGroupNode. Use it like so:

for iterator.Next() {
    peeringGroupNode := iterator.Value()
    // ...
}

type PeeringGroupNodes

type PeeringGroupNodes struct {
	// contains filtered or unexported fields
}

PeeringGroupNodes provides the building blocks necessary to obtain attach a node to a peering group.

func (*PeeringGroupNodes) Create

func (svc *PeeringGroupNodes) Create(
	ctx context.Context,
	peeringGroupNode *PeeringGroupNode) (
	*PeeringGroupNodeCreateResponse,
	error)

Create attaches a Node to a PeeringGroup

func (*PeeringGroupNodes) Delete

Delete detaches a Node to a PeeringGroup.

func (*PeeringGroupNodes) Get

Get reads the information of one peering group to node attachment.

func (*PeeringGroupNodes) List

func (svc *PeeringGroupNodes) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	PeeringGroupNodeIterator,
	error)

List gets a list of peering group node attachments.

type PeeringGroupPeer

type PeeringGroupPeer struct {
	// Group ID from which the link will originate.
	GroupID string `json:"groupId"`
	// Unique identifier of the Attachment.
	ID string `json:"id"`
	// Peering Group ID to which Group ID will link.
	PeersWithGroupID string `json:"peersWithGroupId"`
}

PeeringGroupPeer represents the link between two PeeringGroups

type PeeringGroupPeerCreateResponse

type PeeringGroupPeerCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// The created PeeringGroupPeer.
	PeeringGroupPeer *PeeringGroupPeer `json:"peeringGroupPeer"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupPeerCreateResponse reports how the PeeringGroupPeer was created in the system.

type PeeringGroupPeerDeleteResponse

type PeeringGroupPeerDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupPeerDeleteResponse returns information about a PeeringGroupPeer that was deleted.

type PeeringGroupPeerGetResponse

type PeeringGroupPeerGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The requested PeeringGroupPeer.
	PeeringGroupPeer *PeeringGroupPeer `json:"peeringGroupPeer"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupPeerGetResponse returns a requested PeeringGroupPeer.

type PeeringGroupPeerIterator

type PeeringGroupPeerIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *PeeringGroupPeer
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

PeeringGroupPeerIterator provides read access to a list of PeeringGroupPeer. Use it like so:

for iterator.Next() {
    peeringGroupPeer := iterator.Value()
    // ...
}

type PeeringGroupPeers

type PeeringGroupPeers struct {
	// contains filtered or unexported fields
}

PeeringGroupPeers provides the building blocks necessary to link two peering groups.

func (*PeeringGroupPeers) Create

func (svc *PeeringGroupPeers) Create(
	ctx context.Context,
	peeringGroupPeer *PeeringGroupPeer) (
	*PeeringGroupPeerCreateResponse,
	error)

Create links two peering groups.

func (*PeeringGroupPeers) Delete

Delete unlinks two peering groups.

func (*PeeringGroupPeers) Get

Get reads the information of one peering group link.

func (*PeeringGroupPeers) List

func (svc *PeeringGroupPeers) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	PeeringGroupPeerIterator,
	error)

List gets a list of peering group links.

type PeeringGroupResource

type PeeringGroupResource struct {
	// Peering Group ID to which the resource will be attached to.
	GroupID string `json:"groupId"`
	// Unique identifier of the Attachment.
	ID string `json:"id"`
	// Resource ID to be attached.
	ResourceID string `json:"resourceId"`
}

PeeringGroupResource represents the attachment between a PeeringGroup and a Resource.

type PeeringGroupResourceCreateResponse

type PeeringGroupResourceCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// The created PeeringGroupResource.
	PeeringGroupResource *PeeringGroupResource `json:"peeringGroupResource"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupResourceCreateResponse reports how the attachment was created in the system.

type PeeringGroupResourceDeleteResponse

type PeeringGroupResourceDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupResourceDeleteResponse returns information about a PeeringGroupResource that was deleted.

type PeeringGroupResourceGetResponse

type PeeringGroupResourceGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// The requested PeeringGroupResource.
	PeeringGroupResource *PeeringGroupResource `json:"peeringGroupResource"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

PeeringGroupResourceGetResponse returns a requested PeeringGroupResource.

type PeeringGroupResourceIterator

type PeeringGroupResourceIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *PeeringGroupResource
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

PeeringGroupResourceIterator provides read access to a list of PeeringGroupResource. Use it like so:

for iterator.Next() {
    peeringGroupResource := iterator.Value()
    // ...
}

type PeeringGroupResources

type PeeringGroupResources struct {
	// contains filtered or unexported fields
}

PeeringGroupResources provides the building blocks necessary to obtain attach a resource to a peering group.

func (*PeeringGroupResources) Create

Create attaches a Resource to a PeeringGroup

func (*PeeringGroupResources) Delete

Delete detaches a Resource to a PeeringGroup

func (*PeeringGroupResources) Get

Get reads the information of one peering group to resource attachment.

func (*PeeringGroupResources) List

func (svc *PeeringGroupResources) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	PeeringGroupResourceIterator,
	error)

List gets a list of peering group resource attachments.

type PeeringGroups

type PeeringGroups struct {
	// contains filtered or unexported fields
}

PeeringGroups provides the building blocks necessary to obtain explicit network topology and routing.

func (*PeeringGroups) Create

func (svc *PeeringGroups) Create(
	ctx context.Context,
	peeringGroup *PeeringGroup) (
	*PeeringGroupCreateResponse,
	error)

Create registers a new PeeringGroup.

func (*PeeringGroups) Delete

Delete removes a PeeringGroup by ID.

func (*PeeringGroups) Get

Get reads one PeeringGroup by ID. It will load all its dependencies.

func (*PeeringGroups) List

func (svc *PeeringGroups) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	PeeringGroupIterator,
	error)

List gets a list of Peering Groups.

type PermissionError

type PermissionError struct {
	// Message is the error content.
	Message string
}

PermissionError is used to specify a permissions violation

func (PermissionError) Code

func (e PermissionError) Code() int

func (PermissionError) Error

func (e PermissionError) Error() string

type Postgres

type Postgres struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Postgres) GetBindInterface

func (m *Postgres) GetBindInterface() string

GetBindInterface returns the bind interface of the Postgres.

func (*Postgres) GetEgressFilter

func (m *Postgres) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Postgres.

func (*Postgres) GetID

func (m *Postgres) GetID() string

GetID returns the unique identifier of the Postgres.

func (*Postgres) GetName

func (m *Postgres) GetName() string

GetName returns the name of the Postgres.

func (*Postgres) GetSecretStoreID

func (m *Postgres) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Postgres.

func (*Postgres) GetTags

func (m *Postgres) GetTags() Tags

GetTags returns the tags of the Postgres.

func (*Postgres) SetBindInterface

func (m *Postgres) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Postgres.

func (*Postgres) SetEgressFilter

func (m *Postgres) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Postgres.

func (*Postgres) SetName

func (m *Postgres) SetName(v string)

SetName sets the name of the Postgres.

func (*Postgres) SetSecretStoreID

func (m *Postgres) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Postgres.

func (*Postgres) SetTags

func (m *Postgres) SetTags(v Tags)

SetTags sets the tags of the Postgres.

type Presto

type Presto struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Presto) GetBindInterface

func (m *Presto) GetBindInterface() string

GetBindInterface returns the bind interface of the Presto.

func (*Presto) GetEgressFilter

func (m *Presto) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Presto.

func (*Presto) GetID

func (m *Presto) GetID() string

GetID returns the unique identifier of the Presto.

func (*Presto) GetName

func (m *Presto) GetName() string

GetName returns the name of the Presto.

func (*Presto) GetSecretStoreID

func (m *Presto) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Presto.

func (*Presto) GetTags

func (m *Presto) GetTags() Tags

GetTags returns the tags of the Presto.

func (*Presto) SetBindInterface

func (m *Presto) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Presto.

func (*Presto) SetEgressFilter

func (m *Presto) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Presto.

func (*Presto) SetName

func (m *Presto) SetName(v string)

SetName sets the name of the Presto.

func (*Presto) SetSecretStoreID

func (m *Presto) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Presto.

func (*Presto) SetTags

func (m *Presto) SetTags(v Tags)

SetTags sets the tags of the Presto.

type Queries

type Queries struct {
	// contains filtered or unexported fields
}

A Query is a record of a single client request to a resource, such as a SQL query. Long-running SSH, RDP, or Kubernetes interactive sessions also count as queries. The Queries service is read-only.

func (*Queries) List

func (svc *Queries) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	QueryIterator,
	error)

List gets a list of Queries matching a given set of criteria.

type Query

type Query struct {
	// The email of the account performing this query, at the time the query was executed.
	// If the account email is later changed, that change will not be reflected via this field.
	AccountEmail string `json:"accountEmail"`
	// The given name of the account performing this query, at the time the query was executed.
	// If the account is later renamed, that change will not be reflected via this field.
	AccountFirstName string `json:"accountFirstName"`
	// Unique identifier of the Account that performed the Query.
	AccountID string `json:"accountId"`
	// The family name of the account performing this query, at the time the query was executed.
	// If the account is later renamed, that change will not be reflected via this field.
	AccountLastName string `json:"accountLastName"`
	// The tags of the account accessed, at the time the query was executed. If the account
	// tags are later changed, that change will not be reflected via this field.
	AccountTags Tags `json:"accountTags"`
	// For queries against SSH, Kubernetes, and RDP resources, this contains additional information
	// about the captured query.
	Capture *QueryCapture `json:"capture"`
	// The IP address the Query was performed from, as detected at the StrongDM control plane.
	ClientIP string `json:"clientIp"`
	// The time at which the Query was completed.
	// Empty if this record indicates the start of a long-running query.
	CompletedAt time.Time `json:"completedAt"`
	// The duration of the Query.
	Duration time.Duration `json:"duration"`
	// The unique ID of the node through which the Resource was accessed.
	EgressNodeID string `json:"egressNodeId"`
	// Indicates that the body of the Query is encrypted.
	Encrypted bool `json:"encrypted"`
	// Unique identifier of the Query.
	ID string `json:"id"`
	// The captured content of the Query.
	// For queries against SSH, Kubernetes, and RDP resources, this contains a JSON representation of the QueryCapture.
	QueryBody string `json:"queryBody"`
	// The general category of Resource against which Query was performed, e.g. "web" or "cloud".
	QueryCategory string `json:"queryCategory"`
	// The hash of the body of the Query.
	QueryHash string `json:"queryHash"`
	// The symmetric key used to encrypt the body of this Query and its replay if replayable.
	// If the Query is encrypted, this field contains an encrypted symmetric key in base64 encoding.
	// This key must be decrypted with the organization's private key to obtain the symmetric key needed to decrypt the body.
	// If the Query is not encrypted, this field is empty.
	QueryKey string `json:"queryKey"`
	// The number of records returned by the Query, for a database Resource.
	RecordCount int64 `json:"recordCount"`
	// The username of the RemoteIdentity used to access the Resource.
	RemoteIdentityUsername string `json:"remoteIdentityUsername"`
	// Indicates that the Query is replayable, e.g. for some SSH or K8s sessions.
	Replayable bool `json:"replayable"`
	// Unique identifier of the Resource against which the Query was performed.
	ResourceID string `json:"resourceId"`
	// The name of the resource accessed, at the time the query was executed. If the resource
	// is later renamed, that change will not be reflected via this field.
	ResourceName string `json:"resourceName"`
	// The tags of the resource accessed, at the time the query was executed. If the resource
	// tags are later changed, that change will not be reflected via this field.
	ResourceTags Tags `json:"resourceTags"`
	// The specific type of Resource against which the Query was performed, e.g. "ssh" or "postgres".
	ResourceType string `json:"resourceType"`
	// The IP address the Query was performed from, as detected at the ingress gateway.
	SourceIP string `json:"sourceIp"`
	// The time at which the Query was started.
	Timestamp time.Time `json:"timestamp"`
}

A Query is a record of a single client request to a resource, such as a SQL query. Longer-running queries including long-running SSH commands and SSH, RDP, or Kubernetes interactive sessions will return two Query records with the same identifier, one record at the start of the query and a second record upon the completion of the query with additional detail.

type QueryCapture

type QueryCapture struct {
	// The command executed on the client for a Kubernetes session.
	ClientCommand string `json:"clientCommand"`
	// The command executed over an SSH or Kubernetes session.
	Command string `json:"command"`
	// The target container of a Kubernetes operation.
	Container string `json:"container"`
	// The environment variables for an SSH or Kubernetes session.
	Env map[string]string `json:"env"`
	// The remote file name of an SCP operation.
	FileName string `json:"fileName"`
	// The file size transferred for an SCP operation.
	FileSize int64 `json:"fileSize"`
	// The height of the terminal or window for SSH, Kubernetes, and RDP interactive sessions.
	Height int32 `json:"height"`
	// The target pod of a Kubernetes operation.
	Pod string `json:"pod"`
	// The HTTP request body of a Kubernetes operation.
	RequestBody []byte `json:"requestBody"`
	// The HTTP request method of a Kubernetes operation.
	RequestMethod string `json:"requestMethod"`
	// The HTTP request URI of a Kubernetes operation.
	RequestURI string `json:"requestUri"`
	// The CaptureType of this query capture.
	Type string `json:"type"`
	// The width of the terminal or window for SSH, Kubernetes, and RDP interactive sessions.
	Width int32 `json:"width"`
}

A QueryCapture contains additional information about queries against SSH, Kubernetes, and RDP resources.

type QueryIterator

type QueryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *Query
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

QueryIterator provides read access to a list of Query. Use it like so:

for iterator.Next() {
    query := iterator.Value()
    // ...
}

type RDP

type RDP struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// When set, network level authentication will not be used. May resolve unexpected authentication errors to older servers. When set, healthchecks cannot detect if a provided username / password pair is correct.
	DowngradeNlaConnections bool `json:"downgradeNlaConnections"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// When set, require a resource lock to access the resource to ensure it can only be used by one user at a time.
	LockRequired bool `json:"lockRequired"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*RDP) GetBindInterface

func (m *RDP) GetBindInterface() string

GetBindInterface returns the bind interface of the RDP.

func (*RDP) GetEgressFilter

func (m *RDP) GetEgressFilter() string

GetEgressFilter returns the egress filter of the RDP.

func (*RDP) GetID

func (m *RDP) GetID() string

GetID returns the unique identifier of the RDP.

func (*RDP) GetName

func (m *RDP) GetName() string

GetName returns the name of the RDP.

func (*RDP) GetSecretStoreID

func (m *RDP) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the RDP.

func (*RDP) GetTags

func (m *RDP) GetTags() Tags

GetTags returns the tags of the RDP.

func (*RDP) SetBindInterface

func (m *RDP) SetBindInterface(v string)

SetBindInterface sets the bind interface of the RDP.

func (*RDP) SetEgressFilter

func (m *RDP) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the RDP.

func (*RDP) SetName

func (m *RDP) SetName(v string)

SetName sets the name of the RDP.

func (*RDP) SetSecretStoreID

func (m *RDP) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the RDP.

func (*RDP) SetTags

func (m *RDP) SetTags(v Tags)

SetTags sets the tags of the RDP.

type RDPCert

type RDPCert struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*RDPCert) GetBindInterface

func (m *RDPCert) GetBindInterface() string

GetBindInterface returns the bind interface of the RDPCert.

func (*RDPCert) GetEgressFilter

func (m *RDPCert) GetEgressFilter() string

GetEgressFilter returns the egress filter of the RDPCert.

func (*RDPCert) GetID

func (m *RDPCert) GetID() string

GetID returns the unique identifier of the RDPCert.

func (*RDPCert) GetName

func (m *RDPCert) GetName() string

GetName returns the name of the RDPCert.

func (*RDPCert) GetSecretStoreID

func (m *RDPCert) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the RDPCert.

func (*RDPCert) GetTags

func (m *RDPCert) GetTags() Tags

GetTags returns the tags of the RDPCert.

func (*RDPCert) SetBindInterface

func (m *RDPCert) SetBindInterface(v string)

SetBindInterface sets the bind interface of the RDPCert.

func (*RDPCert) SetEgressFilter

func (m *RDPCert) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the RDPCert.

func (*RDPCert) SetName

func (m *RDPCert) SetName(v string)

SetName sets the name of the RDPCert.

func (*RDPCert) SetSecretStoreID

func (m *RDPCert) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the RDPCert.

func (*RDPCert) SetTags

func (m *RDPCert) SetTags(v Tags)

SetTags sets the tags of the RDPCert.

type RDSPostgresIAM

type RDSPostgresIAM struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The AWS region to connect to.
	Region string `json:"region"`
	// If provided, the gateway/relay will try to assume this role instead of the underlying compute's role.
	RoleAssumptionArn string `json:"roleAssumptionArn"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*RDSPostgresIAM) GetBindInterface

func (m *RDSPostgresIAM) GetBindInterface() string

GetBindInterface returns the bind interface of the RDSPostgresIAM.

func (*RDSPostgresIAM) GetEgressFilter

func (m *RDSPostgresIAM) GetEgressFilter() string

GetEgressFilter returns the egress filter of the RDSPostgresIAM.

func (*RDSPostgresIAM) GetID

func (m *RDSPostgresIAM) GetID() string

GetID returns the unique identifier of the RDSPostgresIAM.

func (*RDSPostgresIAM) GetName

func (m *RDSPostgresIAM) GetName() string

GetName returns the name of the RDSPostgresIAM.

func (*RDSPostgresIAM) GetSecretStoreID

func (m *RDSPostgresIAM) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the RDSPostgresIAM.

func (*RDSPostgresIAM) GetTags

func (m *RDSPostgresIAM) GetTags() Tags

GetTags returns the tags of the RDSPostgresIAM.

func (*RDSPostgresIAM) SetBindInterface

func (m *RDSPostgresIAM) SetBindInterface(v string)

SetBindInterface sets the bind interface of the RDSPostgresIAM.

func (*RDSPostgresIAM) SetEgressFilter

func (m *RDSPostgresIAM) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the RDSPostgresIAM.

func (*RDSPostgresIAM) SetName

func (m *RDSPostgresIAM) SetName(v string)

SetName sets the name of the RDSPostgresIAM.

func (*RDSPostgresIAM) SetSecretStoreID

func (m *RDSPostgresIAM) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the RDSPostgresIAM.

func (*RDSPostgresIAM) SetTags

func (m *RDSPostgresIAM) SetTags(v Tags)

SetTags sets the tags of the RDSPostgresIAM.

type RabbitMQAMQP091

type RabbitMQAMQP091 struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*RabbitMQAMQP091) GetBindInterface

func (m *RabbitMQAMQP091) GetBindInterface() string

GetBindInterface returns the bind interface of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) GetEgressFilter

func (m *RabbitMQAMQP091) GetEgressFilter() string

GetEgressFilter returns the egress filter of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) GetID

func (m *RabbitMQAMQP091) GetID() string

GetID returns the unique identifier of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) GetName

func (m *RabbitMQAMQP091) GetName() string

GetName returns the name of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) GetSecretStoreID

func (m *RabbitMQAMQP091) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) GetTags

func (m *RabbitMQAMQP091) GetTags() Tags

GetTags returns the tags of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) SetBindInterface

func (m *RabbitMQAMQP091) SetBindInterface(v string)

SetBindInterface sets the bind interface of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) SetEgressFilter

func (m *RabbitMQAMQP091) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) SetName

func (m *RabbitMQAMQP091) SetName(v string)

SetName sets the name of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) SetSecretStoreID

func (m *RabbitMQAMQP091) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the RabbitMQAMQP091.

func (*RabbitMQAMQP091) SetTags

func (m *RabbitMQAMQP091) SetTags(v Tags)

SetTags sets the tags of the RabbitMQAMQP091.

type RateLimitError

type RateLimitError struct {
	// Message is the error content.
	Message string
	// RateLimit provides information on the bucket in use, and by how much it was exceeded.
	RateLimit *RateLimitMetadata
}

RateLimitError is used for rate limit excess condition

func (RateLimitError) Code

func (e RateLimitError) Code() int

func (RateLimitError) Error

func (e RateLimitError) Error() string

type RateLimitMetadata

type RateLimitMetadata struct {
	// The bucket this user/token is associated with, which may be shared between
	// multiple users/tokens.
	Bucket string `json:"bucket"`
	// How many total requests the user/token is authorized to make before being
	// rate limited.
	Limit int64 `json:"limit"`
	// How many remaining requests out of the limit are still avaialable.
	Remaining int64 `json:"remaining"`
	// The time when remaining will be reset to limit.
	ResetAt time.Time `json:"resetAt"`
}

RateLimitMetadata contains information about remaining requests avaialable to the user over some timeframe.

type RawTCP

type RawTCP struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*RawTCP) GetBindInterface

func (m *RawTCP) GetBindInterface() string

GetBindInterface returns the bind interface of the RawTCP.

func (*RawTCP) GetEgressFilter

func (m *RawTCP) GetEgressFilter() string

GetEgressFilter returns the egress filter of the RawTCP.

func (*RawTCP) GetID

func (m *RawTCP) GetID() string

GetID returns the unique identifier of the RawTCP.

func (*RawTCP) GetName

func (m *RawTCP) GetName() string

GetName returns the name of the RawTCP.

func (*RawTCP) GetSecretStoreID

func (m *RawTCP) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the RawTCP.

func (*RawTCP) GetTags

func (m *RawTCP) GetTags() Tags

GetTags returns the tags of the RawTCP.

func (*RawTCP) SetBindInterface

func (m *RawTCP) SetBindInterface(v string)

SetBindInterface sets the bind interface of the RawTCP.

func (*RawTCP) SetEgressFilter

func (m *RawTCP) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the RawTCP.

func (*RawTCP) SetName

func (m *RawTCP) SetName(v string)

SetName sets the name of the RawTCP.

func (*RawTCP) SetSecretStoreID

func (m *RawTCP) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the RawTCP.

func (*RawTCP) SetTags

func (m *RawTCP) SetTags(v Tags)

SetTags sets the tags of the RawTCP.

type Redis

type Redis struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If set, TLS must be used to connect to this resource.
	TlsRequired bool `json:"tlsRequired"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Redis) GetBindInterface

func (m *Redis) GetBindInterface() string

GetBindInterface returns the bind interface of the Redis.

func (*Redis) GetEgressFilter

func (m *Redis) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Redis.

func (*Redis) GetID

func (m *Redis) GetID() string

GetID returns the unique identifier of the Redis.

func (*Redis) GetName

func (m *Redis) GetName() string

GetName returns the name of the Redis.

func (*Redis) GetSecretStoreID

func (m *Redis) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Redis.

func (*Redis) GetTags

func (m *Redis) GetTags() Tags

GetTags returns the tags of the Redis.

func (*Redis) SetBindInterface

func (m *Redis) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Redis.

func (*Redis) SetEgressFilter

func (m *Redis) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Redis.

func (*Redis) SetName

func (m *Redis) SetName(v string)

SetName sets the name of the Redis.

func (*Redis) SetSecretStoreID

func (m *Redis) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Redis.

func (*Redis) SetTags

func (m *Redis) SetTags(v Tags)

SetTags sets the tags of the Redis.

type Redshift

type Redshift struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Redshift) GetBindInterface

func (m *Redshift) GetBindInterface() string

GetBindInterface returns the bind interface of the Redshift.

func (*Redshift) GetEgressFilter

func (m *Redshift) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Redshift.

func (*Redshift) GetID

func (m *Redshift) GetID() string

GetID returns the unique identifier of the Redshift.

func (*Redshift) GetName

func (m *Redshift) GetName() string

GetName returns the name of the Redshift.

func (*Redshift) GetSecretStoreID

func (m *Redshift) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Redshift.

func (*Redshift) GetTags

func (m *Redshift) GetTags() Tags

GetTags returns the tags of the Redshift.

func (*Redshift) SetBindInterface

func (m *Redshift) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Redshift.

func (*Redshift) SetEgressFilter

func (m *Redshift) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Redshift.

func (*Redshift) SetName

func (m *Redshift) SetName(v string)

SetName sets the name of the Redshift.

func (*Redshift) SetSecretStoreID

func (m *Redshift) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Redshift.

func (*Redshift) SetTags

func (m *Redshift) SetTags(v Tags)

SetTags sets the tags of the Redshift.

type Relay

type Relay struct {
	// Device is a read only device name uploaded by the gateway process when
	// it comes online.
	Device string `json:"device"`
	// GatewayFilter can be used to restrict the peering between relays and
	// gateways. Deprecated.
	GatewayFilter string `json:"gatewayFilter"`
	// Unique identifier of the Relay.
	ID string `json:"id"`
	// Location is a read only network location uploaded by the gateway process
	// when it comes online.
	Location string `json:"location"`
	// Maintenance Windows define when this node is allowed to restart. If a node
	// is requested to restart, it will check each window to determine if any of
	// them permit it to restart, and if any do, it will. This check is repeated
	// per window until the restart is successfully completed.
	//
	// If not set here, may be set on the command line or via an environment variable
	// on the process itself; any server setting will take precedence over local
	// settings. This setting is ineffective for nodes below version 38.44.0.
	//
	// If this setting is not applied via this remote configuration or via local
	// configuration, the default setting is used: always allow restarts if serving
	// no connections, and allow a restart even if serving connections between 7-8 UTC, any day.
	MaintenanceWindows []*NodeMaintenanceWindow `json:"maintenanceWindows"`
	// Unique human-readable name of the Relay. Node names must include only letters, numbers, and hyphens (no spaces, underscores, or other special characters). Generated if not provided on create.
	Name string `json:"name"`
	// The current state of the relay. One of: "new", "verifying_restart",
	// "awaiting_restart", "restarting", "started", "stopped", "dead",
	// "unknown".
	State string `json:"state"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// Version is a read only sdm binary version uploaded by the gateway process
	// when it comes online.
	Version string `json:"version"`
}

Relay represents a StrongDM CLI installation running in relay mode.

func (*Relay) GetID

func (m *Relay) GetID() string

GetID returns the unique identifier of the Relay.

func (*Relay) GetName

func (m *Relay) GetName() string

GetName returns the name of the Relay.

func (*Relay) GetTags

func (m *Relay) GetTags() Tags

GetTags returns the tags of the Relay.

func (*Relay) SetName

func (m *Relay) SetName(v string)

SetName sets the name of the Relay.

func (*Relay) SetTags

func (m *Relay) SetTags(v Tags)

SetTags sets the tags of the Relay.

type RemoteIdentities

type RemoteIdentities struct {
	// contains filtered or unexported fields
}

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

func (*RemoteIdentities) Create

func (svc *RemoteIdentities) Create(
	ctx context.Context,
	remoteIdentity *RemoteIdentity) (
	*RemoteIdentityCreateResponse,
	error)

Create registers a new RemoteIdentity.

func (*RemoteIdentities) Delete

Delete removes a RemoteIdentity by ID.

func (*RemoteIdentities) Get

Get reads one RemoteIdentity by ID.

func (*RemoteIdentities) List

func (svc *RemoteIdentities) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RemoteIdentityIterator,
	error)

List gets a list of RemoteIdentities matching a given set of criteria.

func (*RemoteIdentities) Update

func (svc *RemoteIdentities) Update(
	ctx context.Context,
	remoteIdentity *RemoteIdentity) (
	*RemoteIdentityUpdateResponse,
	error)

Update replaces all the fields of a RemoteIdentity by ID.

type RemoteIdentitiesHistory

type RemoteIdentitiesHistory struct {
	// contains filtered or unexported fields
}

RemoteIdentitiesHistory records all changes to the state of a RemoteIdentity.

func (*RemoteIdentitiesHistory) List

func (svc *RemoteIdentitiesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RemoteIdentityHistoryIterator,
	error)

List gets a list of RemoteIdentityHistory records matching a given set of criteria.

type RemoteIdentity

type RemoteIdentity struct {
	// The account for this remote identity.
	AccountID string `json:"accountId"`
	// Unique identifier of the RemoteIdentity.
	ID string `json:"id"`
	// The remote identity group.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to be used as the remote identity for this account.
	Username string `json:"username"`
}

RemoteIdentities define the username to be used for a specific account when connecting to a remote resource using that group.

type RemoteIdentityCreateResponse

type RemoteIdentityCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created RemoteIdentity.
	RemoteIdentity *RemoteIdentity `json:"remoteIdentity"`
}

RemoteIdentityCreateResponse reports how the RemoteIdentities were created in the system.

type RemoteIdentityDeleteResponse

type RemoteIdentityDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

RemoteIdentityDeleteResponse returns information about a RemoteIdentity that was deleted.

type RemoteIdentityGetResponse

type RemoteIdentityGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested RemoteIdentity.
	RemoteIdentity *RemoteIdentity `json:"remoteIdentity"`
}

RemoteIdentityGetResponse returns a requested RemoteIdentity.

type RemoteIdentityGroup

type RemoteIdentityGroup struct {
	// Unique identifier of the RemoteIdentityGroup.
	ID string `json:"id"`
	// Unique human-readable name of the RemoteIdentityGroup.
	Name string `json:"name"`
}

A RemoteIdentityGroup defines a group of remote identities.

type RemoteIdentityGroupGetResponse

type RemoteIdentityGroupGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested RemoteIdentityGroup.
	RemoteIdentityGroup *RemoteIdentityGroup `json:"remoteIdentityGroup"`
}

RemoteIdentityGroupGetResponse returns a requested RemoteIdentityGroup.

type RemoteIdentityGroupHistory

type RemoteIdentityGroupHistory struct {
	// The unique identifier of the Activity that produced this change to the RemoteIdentityGroup.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this RemoteIdentityGroup was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete RemoteIdentityGroup state at this time.
	RemoteIdentityGroup *RemoteIdentityGroup `json:"remoteIdentityGroup"`
	// The time at which the RemoteIdentityGroup state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

RemoteIdentityGroupHistory records the state of a RemoteIdentityGroup at a given point in time, where every change (create, update and delete) to a RemoteIdentityGroup produces an RemoteIdentityGroupHistory record.

type RemoteIdentityGroupHistoryIterator

type RemoteIdentityGroupHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RemoteIdentityGroupHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RemoteIdentityGroupHistoryIterator provides read access to a list of RemoteIdentityGroupHistory. Use it like so:

for iterator.Next() {
    remoteIdentityGroupHistory := iterator.Value()
    // ...
}

type RemoteIdentityGroupIterator

type RemoteIdentityGroupIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RemoteIdentityGroup
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RemoteIdentityGroupIterator provides read access to a list of RemoteIdentityGroup. Use it like so:

for iterator.Next() {
    remoteIdentityGroup := iterator.Value()
    // ...
}

type RemoteIdentityGroups

type RemoteIdentityGroups struct {
	// contains filtered or unexported fields
}

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

func (*RemoteIdentityGroups) Get

Get reads one RemoteIdentityGroup by ID.

func (*RemoteIdentityGroups) List

func (svc *RemoteIdentityGroups) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RemoteIdentityGroupIterator,
	error)

List gets a list of RemoteIdentityGroups matching a given set of criteria.

type RemoteIdentityGroupsHistory

type RemoteIdentityGroupsHistory struct {
	// contains filtered or unexported fields
}

RemoteIdentityGroupsHistory records all changes to the state of a RemoteIdentityGroup.

func (*RemoteIdentityGroupsHistory) List

func (svc *RemoteIdentityGroupsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RemoteIdentityGroupHistoryIterator,
	error)

List gets a list of RemoteIdentityGroupHistory records matching a given set of criteria.

type RemoteIdentityHistory

type RemoteIdentityHistory struct {
	// The unique identifier of the Activity that produced this change to the RemoteIdentity.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this RemoteIdentity was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete RemoteIdentity state at this time.
	RemoteIdentity *RemoteIdentity `json:"remoteIdentity"`
	// The time at which the RemoteIdentity state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

RemoteIdentityHistory records the state of a RemoteIdentity at a given point in time, where every change (create, update and delete) to a RemoteIdentity produces an RemoteIdentityHistory record.

type RemoteIdentityHistoryIterator

type RemoteIdentityHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RemoteIdentityHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RemoteIdentityHistoryIterator provides read access to a list of RemoteIdentityHistory. Use it like so:

for iterator.Next() {
    remoteIdentityHistory := iterator.Value()
    // ...
}

type RemoteIdentityIterator

type RemoteIdentityIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RemoteIdentity
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RemoteIdentityIterator provides read access to a list of RemoteIdentity. Use it like so:

for iterator.Next() {
    remoteIdentity := iterator.Value()
    // ...
}

type RemoteIdentityUpdateResponse

type RemoteIdentityUpdateResponse struct {
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The updated RemoteIdentity.
	RemoteIdentity *RemoteIdentity `json:"remoteIdentity"`
}

RemoteIdentityUpdateResponse returns the fields of a RemoteIdentity after it has been updated by a RemoteIdentityUpdateRequest.

type ReplayChunk

type ReplayChunk struct {
	// The raw data of the ReplayChunk. The data is encrypted if the associated Query is encrypted.
	Data []byte `json:"data"`
	// The list of events of the ReplayChunk. If the Query is encrypted, this field is always empty
	// and the events can be obtained by decrypting the data using the QueryKey returned with the Query.
	Events []*ReplayChunkEvent `json:"events"`
}

A ReplayChunk represents a single "chunk" of data from the query replay.

type ReplayChunkEvent

type ReplayChunkEvent struct {
	// The raw data of the ReplayChunkEvent.
	Data []byte `json:"data"`
	// The time duration over which the data in this ReplayChunkEvent was transferred.
	Duration time.Duration `json:"duration"`
}

A ReplayChunkEvent represents a single event within a query replay. The timing information included in each ReplayChunkEvent may be used to replay a session in real time.

type ReplayChunkIterator

type ReplayChunkIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ReplayChunk
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ReplayChunkIterator provides read access to a list of ReplayChunk. Use it like so:

for iterator.Next() {
    replayChunk := iterator.Value()
    // ...
}

type Replays

type Replays struct {
	// contains filtered or unexported fields
}

A Replay captures the data transferred over a long-running SSH, RDP, or Kubernetes interactive session (otherwise referred to as a query). The Replays service is read-only.

func (*Replays) List

func (svc *Replays) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ReplayChunkIterator,
	error)

List gets a list of ReplayChunks for the Query ID specified by the filter criteria.

type RequestableResource

type RequestableResource struct {
	// The current state of the user's access to the resources
	Access string `json:"access"`
	// The type of authentication for the resource
	Authentication string `json:"authentication"`
	// The health check status of the reasource
	Healthy bool `json:"healthy"`
	// The resource id.
	ID string `json:"id"`
	// The resource name.
	Name string `json:"name"`
	// Any tags attached to this resource
	Tags Tags `json:"tags"`
	// The resource type
	Type string `json:"type"`
}

RequestableResource is a resource that can be requested via an AccessRequestConfig

type Resource

type Resource interface {
	// GetID returns the unique identifier of the Resource.
	GetID() string
	// GetName returns the name of the Resource.
	GetName() string
	// SetName sets the name of the Resource.
	SetName(string)
	// GetTags returns the tags of the Resource.
	GetTags() Tags
	// SetTags sets the tags of the Resource.
	SetTags(Tags)
	// GetSecretStoreID returns the secret store id of the Resource.
	GetSecretStoreID() string
	// SetSecretStoreID sets the secret store id of the Resource.
	SetSecretStoreID(string)
	// GetEgressFilter returns the egress filter of the Resource.
	GetEgressFilter() string
	// SetEgressFilter sets the egress filter of the Resource.
	SetEgressFilter(string)
	// GetBindInterface returns the bind interface of the Resource.
	GetBindInterface() string
	// SetBindInterface sets the bind interface of the Resource.
	SetBindInterface(string)
	// contains filtered or unexported methods
}

A Resource is a database, server, cluster, website, or cloud that strongDM delegates access to.

type ResourceCreateResponse

type ResourceCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created Resource.
	Resource Resource `json:"resource"`
}

ResourceCreateResponse reports how the Resources were created in the system.

type ResourceDeleteResponse

type ResourceDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ResourceDeleteResponse returns information about a Resource that was deleted.

type ResourceGetResponse

type ResourceGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested Resource.
	Resource Resource `json:"resource"`
}

ResourceGetResponse returns a requested Resource.

type ResourceHealthcheckRequest

type ResourceHealthcheckRequest struct {
	// The unique identifier of the Resource to healthcheck.
	ID string `json:"id"`
}

ResourceHealthcheckRequest specifies requesting a healthcheck for a given resource by ID.

type ResourceHealthcheckResponse

type ResourceHealthcheckResponse struct {
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

ResourceHealthcheckResponse reports any metadata concerning a healthcheck response. Healthchecks are non blocking, and this contains no non-metadata.

type ResourceHistory

type ResourceHistory struct {
	// The unique identifier of the Activity that produced this change to the Resource.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Resource was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete Resource state at this time.
	Resource Resource `json:"resource"`
	// The time at which the Resource state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

ResourceHistory records the state of a Resource at a given point in time, where every change (create, update and delete) to a Resource produces an ResourceHistory record.

type ResourceHistoryIterator

type ResourceHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *ResourceHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ResourceHistoryIterator provides read access to a list of ResourceHistory. Use it like so:

for iterator.Next() {
    resourceHistory := iterator.Value()
    // ...
}

type ResourceIterator

type ResourceIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() Resource
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

ResourceIterator provides read access to a list of Resource. Use it like so:

for iterator.Next() {
    resource := iterator.Value()
    // ...
}

type ResourceUpdateResponse

type ResourceUpdateResponse struct {
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The updated Resource.
	Resource Resource `json:"resource"`
}

ResourceUpdateResponse returns the fields of a Resource after it has been updated by a ResourceUpdateRequest.

type Resources

type Resources struct {
	// contains filtered or unexported fields
}

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

func (*Resources) Create

func (svc *Resources) Create(
	ctx context.Context,
	resource Resource) (
	*ResourceCreateResponse,
	error)

Create registers a new Resource.

func (*Resources) Delete

func (svc *Resources) Delete(
	ctx context.Context,
	id string) (
	*ResourceDeleteResponse,
	error)

Delete removes a Resource by ID.

func (*Resources) EnumerateTags

func (svc *Resources) EnumerateTags(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	TagIterator,
	error)

EnumerateTags gets a list of the filter matching tags.

func (*Resources) Get

func (svc *Resources) Get(
	ctx context.Context,
	id string) (
	*ResourceGetResponse,
	error)

Get reads one Resource by ID.

func (*Resources) Healthcheck

func (svc *Resources) Healthcheck(
	ctx context.Context,
	id string) (
	*ResourceHealthcheckResponse,
	error)

Healthcheck triggers a remote healthcheck. It may take minutes to propagate across a large network of Nodes. The call will return immediately, and the updated health of the Resource can be retrieved via Get or List.

func (*Resources) List

func (svc *Resources) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ResourceIterator,
	error)

List gets a list of Resources matching a given set of criteria.

func (*Resources) Update

func (svc *Resources) Update(
	ctx context.Context,
	resource Resource) (
	*ResourceUpdateResponse,
	error)

Update replaces all the fields of a Resource by ID.

type ResourcesHistory

type ResourcesHistory struct {
	// contains filtered or unexported fields
}

ResourcesHistory records all changes to the state of a Resource.

func (*ResourcesHistory) List

func (svc *ResourcesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	ResourceHistoryIterator,
	error)

List gets a list of ResourceHistory records matching a given set of criteria.

type Role

type Role struct {
	// AccessRules is a list of access rules defining the resources this Role has access to.
	AccessRules AccessRules `json:"accessRules"`
	// Unique identifier of the Role.
	ID string `json:"id"`
	// Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
	ManagedBy string `json:"managedBy"`
	// Unique human-readable name of the Role.
	Name string `json:"name"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

type RoleCreateResponse

type RoleCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created Role.
	Role *Role `json:"role"`
}

RoleCreateResponse reports how the Roles were created in the system. It can communicate partial successes or failures.

type RoleDeleteResponse

type RoleDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

RoleDeleteResponse returns information about a Role that was deleted.

type RoleGetResponse

type RoleGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested Role.
	Role *Role `json:"role"`
}

RoleGetResponse returns a requested Role.

type RoleHistory

type RoleHistory struct {
	// The unique identifier of the Activity that produced this change to the Role.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Role was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete Role state at this time.
	Role *Role `json:"role"`
	// The time at which the Role state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

RoleHistory records the state of a Role at a given point in time, where every change (create, update and delete) to a Role produces an RoleHistory record.

type RoleHistoryIterator

type RoleHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RoleHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RoleHistoryIterator provides read access to a list of RoleHistory. Use it like so:

for iterator.Next() {
    roleHistory := iterator.Value()
    // ...
}

type RoleIterator

type RoleIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *Role
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RoleIterator provides read access to a list of Role. Use it like so:

for iterator.Next() {
    role := iterator.Value()
    // ...
}

type RoleResource

type RoleResource struct {
	// The most recent time at which access was granted. If access was granted,
	// revoked, and granted again, this will reflect the later time.
	GrantedAt time.Time `json:"grantedAt"`
	// The unique identifier of the Resource to which access is granted.
	ResourceID string `json:"resourceId"`
	// The unique identifier of the Role to which access is granted.
	RoleID string `json:"roleId"`
}

RoleResource represents an individual access grant of a Role to a Resource.

type RoleResourceHistory

type RoleResourceHistory struct {
	// The unique identifier of the Activity that produced this change to the RoleResource.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this RoleResource was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete RoleResource state at this time.
	RoleResource *RoleResource `json:"roleResource"`
	// The time at which the RoleResource state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

RoleResourceHistory records the state of a RoleResource at a given point in time, where every change (create or delete) to a RoleResource produces an RoleResourceHistory record.

type RoleResourceHistoryIterator

type RoleResourceHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RoleResourceHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RoleResourceHistoryIterator provides read access to a list of RoleResourceHistory. Use it like so:

for iterator.Next() {
    roleResourceHistory := iterator.Value()
    // ...
}

type RoleResourceIterator

type RoleResourceIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *RoleResource
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

RoleResourceIterator provides read access to a list of RoleResource. Use it like so:

for iterator.Next() {
    roleResource := iterator.Value()
    // ...
}

type RoleResources

type RoleResources struct {
	// contains filtered or unexported fields
}

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

func (*RoleResources) List

func (svc *RoleResources) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RoleResourceIterator,
	error)

List gets a list of RoleResource records matching a given set of criteria.

type RoleResourcesHistory

type RoleResourcesHistory struct {
	// contains filtered or unexported fields
}

RoleResourcesHistory records all changes to the state of a RoleResource.

func (*RoleResourcesHistory) List

func (svc *RoleResourcesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RoleResourceHistoryIterator,
	error)

List gets a list of RoleResourceHistory records matching a given set of criteria.

type RoleUpdateResponse

type RoleUpdateResponse struct {
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The updated Role.
	Role *Role `json:"role"`
}

RoleUpdateResponse returns the fields of a Role after it has been updated by a RoleUpdateRequest.

type Roles

type Roles struct {
	// contains filtered or unexported fields
}

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

func (*Roles) Create

func (svc *Roles) Create(
	ctx context.Context,
	role *Role) (
	*RoleCreateResponse,
	error)

Create registers a new Role.

func (*Roles) Delete

func (svc *Roles) Delete(
	ctx context.Context,
	id string) (
	*RoleDeleteResponse,
	error)

Delete removes a Role by ID.

func (*Roles) Get

func (svc *Roles) Get(
	ctx context.Context,
	id string) (
	*RoleGetResponse,
	error)

Get reads one Role by ID.

func (*Roles) List

func (svc *Roles) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RoleIterator,
	error)

List gets a list of Roles matching a given set of criteria.

func (*Roles) Update

func (svc *Roles) Update(
	ctx context.Context,
	role *Role) (
	*RoleUpdateResponse,
	error)

Update replaces all the fields of a Role by ID.

type RolesHistory

type RolesHistory struct {
	// contains filtered or unexported fields
}

RolesHistory records all changes to the state of a Role.

func (*RolesHistory) List

func (svc *RolesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	RoleHistoryIterator,
	error)

List gets a list of RoleHistory records matching a given set of criteria.

type SQLServer

type SQLServer struct {
	// Whether to allow deprecated encryption protocols to be used for this resource. For example,
	// TLS 1.0.
	AllowDeprecatedEncryption bool `json:"allowDeprecatedEncryption"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks, and used for clients if Override Default Database is true.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The Schema to use to direct initial requests.
	Schema string `json:"schema"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SQLServer) GetBindInterface

func (m *SQLServer) GetBindInterface() string

GetBindInterface returns the bind interface of the SQLServer.

func (*SQLServer) GetEgressFilter

func (m *SQLServer) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SQLServer.

func (*SQLServer) GetID

func (m *SQLServer) GetID() string

GetID returns the unique identifier of the SQLServer.

func (*SQLServer) GetName

func (m *SQLServer) GetName() string

GetName returns the name of the SQLServer.

func (*SQLServer) GetSecretStoreID

func (m *SQLServer) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SQLServer.

func (*SQLServer) GetTags

func (m *SQLServer) GetTags() Tags

GetTags returns the tags of the SQLServer.

func (*SQLServer) SetBindInterface

func (m *SQLServer) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SQLServer.

func (*SQLServer) SetEgressFilter

func (m *SQLServer) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SQLServer.

func (*SQLServer) SetName

func (m *SQLServer) SetName(v string)

SetName sets the name of the SQLServer.

func (*SQLServer) SetSecretStoreID

func (m *SQLServer) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SQLServer.

func (*SQLServer) SetTags

func (m *SQLServer) SetTags(v Tags)

SetTags sets the tags of the SQLServer.

type SQLServerAzureAD

type SQLServerAzureAD struct {
	// Whether to allow deprecated encryption protocols to be used for this resource. For example,
	// TLS 1.0.
	AllowDeprecatedEncryption bool `json:"allowDeprecatedEncryption"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The Azure AD application (client) ID with which to authenticate.
	ClientID string `json:"clientId"`
	// The database for healthchecks, and used for clients if Override Default Database is true.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The Schema to use to direct initial requests.
	Schema string `json:"schema"`
	// The Azure AD client secret (application password) with which to authenticate.
	Secret string `json:"secret"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The Azure AD directory (tenant) ID with which to authenticate.
	TenantID string `json:"tenantId"`
}

func (*SQLServerAzureAD) GetBindInterface

func (m *SQLServerAzureAD) GetBindInterface() string

GetBindInterface returns the bind interface of the SQLServerAzureAD.

func (*SQLServerAzureAD) GetEgressFilter

func (m *SQLServerAzureAD) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SQLServerAzureAD.

func (*SQLServerAzureAD) GetID

func (m *SQLServerAzureAD) GetID() string

GetID returns the unique identifier of the SQLServerAzureAD.

func (*SQLServerAzureAD) GetName

func (m *SQLServerAzureAD) GetName() string

GetName returns the name of the SQLServerAzureAD.

func (*SQLServerAzureAD) GetSecretStoreID

func (m *SQLServerAzureAD) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SQLServerAzureAD.

func (*SQLServerAzureAD) GetTags

func (m *SQLServerAzureAD) GetTags() Tags

GetTags returns the tags of the SQLServerAzureAD.

func (*SQLServerAzureAD) SetBindInterface

func (m *SQLServerAzureAD) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SQLServerAzureAD.

func (*SQLServerAzureAD) SetEgressFilter

func (m *SQLServerAzureAD) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SQLServerAzureAD.

func (*SQLServerAzureAD) SetName

func (m *SQLServerAzureAD) SetName(v string)

SetName sets the name of the SQLServerAzureAD.

func (*SQLServerAzureAD) SetSecretStoreID

func (m *SQLServerAzureAD) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SQLServerAzureAD.

func (*SQLServerAzureAD) SetTags

func (m *SQLServerAzureAD) SetTags(v Tags)

SetTags sets the tags of the SQLServerAzureAD.

type SQLServerKerberosAD

type SQLServerKerberosAD struct {
	// Whether to allow deprecated encryption protocols to be used for this resource. For example,
	// TLS 1.0.
	AllowDeprecatedEncryption bool `json:"allowDeprecatedEncryption"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks, and used for clients if Override Default Database is true.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// The keytab file in base64 format containing an entry with the principal name (username@realm) and key version number with which to authenticate.
	Keytab string `json:"keytab"`
	// The Kerberos 5 configuration file (krb5.conf) specifying the Active Directory server (KDC) for the configured realm.
	KrbConfig string `json:"krbConfig"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// If set, the database configured cannot be changed by users. This setting is not recommended for most use cases, as some clients will insist their database has changed when it has not, leading to user confusion.
	OverrideDatabase bool `json:"overrideDatabase"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The Active Directory domain (realm) to which the configured username belongs.
	Realm string `json:"realm"`
	// The Schema to use to direct initial requests.
	Schema string `json:"schema"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// The Service Principal Name of the Microsoft SQL Server instance in Active Directory.
	ServerSpn string `json:"serverSpn"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SQLServerKerberosAD) GetBindInterface

func (m *SQLServerKerberosAD) GetBindInterface() string

GetBindInterface returns the bind interface of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) GetEgressFilter

func (m *SQLServerKerberosAD) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) GetID

func (m *SQLServerKerberosAD) GetID() string

GetID returns the unique identifier of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) GetName

func (m *SQLServerKerberosAD) GetName() string

GetName returns the name of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) GetSecretStoreID

func (m *SQLServerKerberosAD) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) GetTags

func (m *SQLServerKerberosAD) GetTags() Tags

GetTags returns the tags of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) SetBindInterface

func (m *SQLServerKerberosAD) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) SetEgressFilter

func (m *SQLServerKerberosAD) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) SetName

func (m *SQLServerKerberosAD) SetName(v string)

SetName sets the name of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) SetSecretStoreID

func (m *SQLServerKerberosAD) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SQLServerKerberosAD.

func (*SQLServerKerberosAD) SetTags

func (m *SQLServerKerberosAD) SetTags(v Tags)

SetTags sets the tags of the SQLServerKerberosAD.

type SSH

type SSH struct {
	// Whether deprecated, insecure key exchanges are allowed for use to connect to the target ssh server.
	AllowDeprecatedKeyExchanges bool `json:"allowDeprecatedKeyExchanges"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// The key type to use e.g. rsa-2048 or ed25519
	KeyType string `json:"keyType"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// Whether port forwarding is allowed through this server.
	PortForwarding bool `json:"portForwarding"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The public key to append to a server's authorized keys. This will be generated after resource creation.
	PublicKey string `json:"publicKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SSH) GetBindInterface

func (m *SSH) GetBindInterface() string

GetBindInterface returns the bind interface of the SSH.

func (*SSH) GetEgressFilter

func (m *SSH) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SSH.

func (*SSH) GetID

func (m *SSH) GetID() string

GetID returns the unique identifier of the SSH.

func (*SSH) GetName

func (m *SSH) GetName() string

GetName returns the name of the SSH.

func (*SSH) GetSecretStoreID

func (m *SSH) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SSH.

func (*SSH) GetTags

func (m *SSH) GetTags() Tags

GetTags returns the tags of the SSH.

func (*SSH) SetBindInterface

func (m *SSH) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SSH.

func (*SSH) SetEgressFilter

func (m *SSH) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SSH.

func (*SSH) SetName

func (m *SSH) SetName(v string)

SetName sets the name of the SSH.

func (*SSH) SetSecretStoreID

func (m *SSH) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SSH.

func (*SSH) SetTags

func (m *SSH) SetTags(v Tags)

SetTags sets the tags of the SSH.

type SSHCert

type SSHCert struct {
	// Whether deprecated, insecure key exchanges are allowed for use to connect to the target ssh server.
	AllowDeprecatedKeyExchanges bool `json:"allowDeprecatedKeyExchanges"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// The key type to use e.g. rsa-2048 or ed25519
	KeyType string `json:"keyType"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// Whether port forwarding is allowed through this server.
	PortForwarding bool `json:"portForwarding"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The ID of the remote identity group to use for remote identity connections.
	RemoteIdentityGroupID string `json:"remoteIdentityGroupId"`
	// The username to use for healthchecks, when clients otherwise connect with their own remote identity username.
	RemoteIdentityHealthcheckUsername string `json:"remoteIdentityHealthcheckUsername"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SSHCert) GetBindInterface

func (m *SSHCert) GetBindInterface() string

GetBindInterface returns the bind interface of the SSHCert.

func (*SSHCert) GetEgressFilter

func (m *SSHCert) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SSHCert.

func (*SSHCert) GetID

func (m *SSHCert) GetID() string

GetID returns the unique identifier of the SSHCert.

func (*SSHCert) GetName

func (m *SSHCert) GetName() string

GetName returns the name of the SSHCert.

func (*SSHCert) GetSecretStoreID

func (m *SSHCert) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SSHCert.

func (*SSHCert) GetTags

func (m *SSHCert) GetTags() Tags

GetTags returns the tags of the SSHCert.

func (*SSHCert) SetBindInterface

func (m *SSHCert) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SSHCert.

func (*SSHCert) SetEgressFilter

func (m *SSHCert) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SSHCert.

func (*SSHCert) SetName

func (m *SSHCert) SetName(v string)

SetName sets the name of the SSHCert.

func (*SSHCert) SetSecretStoreID

func (m *SSHCert) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SSHCert.

func (*SSHCert) SetTags

func (m *SSHCert) SetTags(v Tags)

SetTags sets the tags of the SSHCert.

type SSHCustomerKey

type SSHCustomerKey struct {
	// Whether deprecated, insecure key exchanges are allowed for use to connect to the target ssh server.
	AllowDeprecatedKeyExchanges bool `json:"allowDeprecatedKeyExchanges"`
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// Whether port forwarding is allowed through this server.
	PortForwarding bool `json:"portForwarding"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The private key used to authenticate with the server.
	PrivateKey string `json:"privateKey"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SSHCustomerKey) GetBindInterface

func (m *SSHCustomerKey) GetBindInterface() string

GetBindInterface returns the bind interface of the SSHCustomerKey.

func (*SSHCustomerKey) GetEgressFilter

func (m *SSHCustomerKey) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SSHCustomerKey.

func (*SSHCustomerKey) GetID

func (m *SSHCustomerKey) GetID() string

GetID returns the unique identifier of the SSHCustomerKey.

func (*SSHCustomerKey) GetName

func (m *SSHCustomerKey) GetName() string

GetName returns the name of the SSHCustomerKey.

func (*SSHCustomerKey) GetSecretStoreID

func (m *SSHCustomerKey) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SSHCustomerKey.

func (*SSHCustomerKey) GetTags

func (m *SSHCustomerKey) GetTags() Tags

GetTags returns the tags of the SSHCustomerKey.

func (*SSHCustomerKey) SetBindInterface

func (m *SSHCustomerKey) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SSHCustomerKey.

func (*SSHCustomerKey) SetEgressFilter

func (m *SSHCustomerKey) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SSHCustomerKey.

func (*SSHCustomerKey) SetName

func (m *SSHCustomerKey) SetName(v string)

SetName sets the name of the SSHCustomerKey.

func (*SSHCustomerKey) SetSecretStoreID

func (m *SSHCustomerKey) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SSHCustomerKey.

func (*SSHCustomerKey) SetTags

func (m *SSHCustomerKey) SetTags(v Tags)

SetTags sets the tags of the SSHCustomerKey.

type SecretStore

type SecretStore interface {
	// GetID returns the unique identifier of the SecretStore.
	GetID() string
	// GetTags returns the tags of the SecretStore.
	GetTags() Tags
	// SetTags sets the tags of the SecretStore.
	SetTags(Tags)
	// GetName returns the name of the SecretStore.
	GetName() string
	// SetName sets the name of the SecretStore.
	SetName(string)
	// contains filtered or unexported methods
}

A SecretStore is a server where resource secrets (passwords, keys) are stored. Coming soon support for HashiCorp Vault and AWS Secret Store.

type SecretStoreCreateResponse

type SecretStoreCreateResponse struct {
	// Reserved for future use.
	Meta *CreateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created SecretStore.
	SecretStore SecretStore `json:"secretStore"`
}

SecretStoreCreateResponse reports how the SecretStores were created in the system.

type SecretStoreDeleteResponse

type SecretStoreDeleteResponse struct {
	// Reserved for future use.
	Meta *DeleteResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

SecretStoreDeleteResponse returns information about a SecretStore that was deleted.

type SecretStoreGetResponse

type SecretStoreGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested SecretStore.
	SecretStore SecretStore `json:"secretStore"`
}

SecretStoreGetResponse returns a requested SecretStore.

type SecretStoreHealth

type SecretStoreHealth struct {
	// The time when the status last changed
	ChangedAt time.Time `json:"changedAt"`
	// The time when the status was last checked by the node
	CheckedAt time.Time `json:"checkedAt"`
	// The error associated with this health check, if it occurred after reachability checks succeeded.
	Error string `json:"error"`
	// Any specific status or error flags associated with this health check.
	Flags []string `json:"flags"`
	// Associated node id for this health
	NodeID string `json:"nodeId"`
	// The error associated with this health check, if it occurred during reachability checks.
	Reachability string `json:"reachability"`
	// Associated secret store for this health
	SecretStoreID string `json:"secretStoreId"`
	// The status of the link between the node and secret store
	Status string `json:"status"`
}

SecretStoreHealth denotes a secret store's health status. Note a secret store is not healthy in terms of a simple boolean, but rather healthy with respect to a particular node or set of nodes.

type SecretStoreHealthIterator

type SecretStoreHealthIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *SecretStoreHealth
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

SecretStoreHealthIterator provides read access to a list of SecretStoreHealth. Use it like so:

for iterator.Next() {
    secretStoreHealth := iterator.Value()
    // ...
}

type SecretStoreHealthListResponse

type SecretStoreHealthListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

type SecretStoreHealthcheckResponse

type SecretStoreHealthcheckResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

type SecretStoreHealths

type SecretStoreHealths struct {
	// contains filtered or unexported fields
}

SecretStoreHealths exposes health states for secret stores.

func (*SecretStoreHealths) Healthcheck

func (svc *SecretStoreHealths) Healthcheck(
	ctx context.Context,
	secretStoreId string) (
	*SecretStoreHealthcheckResponse,
	error)

Healthcheck triggers a remote healthcheck request for a secret store. It may take minutes to propagate across a large network of Nodes. The call will return immediately, and the updated health of the Secret Store can be retrieved via List.

func (*SecretStoreHealths) List

func (svc *SecretStoreHealths) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	SecretStoreHealthIterator,
	error)

List reports the health status of node to secret store pairs.

type SecretStoreHistory

type SecretStoreHistory struct {
	// The unique identifier of the Activity that produced this change to the SecretStore.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this SecretStore was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The complete SecretStore state at this time.
	SecretStore SecretStore `json:"secretStore"`
	// The time at which the SecretStore state was recorded.
	Timestamp time.Time `json:"timestamp"`
}

SecretStoreHistory records the state of a SecretStore at a given point in time, where every change (create, update and delete) to a SecretStore produces an SecretStoreHistory record.

type SecretStoreHistoryIterator

type SecretStoreHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *SecretStoreHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

SecretStoreHistoryIterator provides read access to a list of SecretStoreHistory. Use it like so:

for iterator.Next() {
    secretStoreHistory := iterator.Value()
    // ...
}

type SecretStoreIterator

type SecretStoreIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() SecretStore
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

SecretStoreIterator provides read access to a list of SecretStore. Use it like so:

for iterator.Next() {
    secretStore := iterator.Value()
    // ...
}

type SecretStoreUpdateResponse

type SecretStoreUpdateResponse struct {
	// Reserved for future use.
	Meta *UpdateResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The updated SecretStore.
	SecretStore SecretStore `json:"secretStore"`
}

SecretStoreUpdateResponse returns the fields of a SecretStore after it has been updated by a SecretStoreUpdateRequest.

type SecretStores

type SecretStores struct {
	// contains filtered or unexported fields
}

SecretStores are servers where resource secrets (passwords, keys) are stored.

func (*SecretStores) Create

func (svc *SecretStores) Create(
	ctx context.Context,
	secretStore SecretStore) (
	*SecretStoreCreateResponse,
	error)

func (*SecretStores) Delete

Delete removes a SecretStore by ID.

func (*SecretStores) Get

Get reads one SecretStore by ID.

func (*SecretStores) List

func (svc *SecretStores) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	SecretStoreIterator,
	error)

List gets a list of SecretStores matching a given set of criteria.

func (*SecretStores) Update

func (svc *SecretStores) Update(
	ctx context.Context,
	secretStore SecretStore) (
	*SecretStoreUpdateResponse,
	error)

Update replaces all the fields of a SecretStore by ID.

type SecretStoresHistory

type SecretStoresHistory struct {
	// contains filtered or unexported fields
}

SecretStoresHistory records all changes to the state of a SecretStore.

func (*SecretStoresHistory) List

func (svc *SecretStoresHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	SecretStoreHistoryIterator,
	error)

List gets a list of SecretStoreHistory records matching a given set of criteria.

type Service

type Service struct {
	// Unique identifier of the Service.
	ID string `json:"id"`
	// Unique human-readable name of the Service.
	Name string `json:"name"`
	// The Service's suspended state.
	Suspended bool `json:"suspended"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

A Service is a service account that can connect to resources they are granted directly, or granted via roles. Services are typically automated jobs.

func (*Service) GetID

func (m *Service) GetID() string

GetID returns the unique identifier of the Service.

func (*Service) GetTags

func (m *Service) GetTags() Tags

GetTags returns the tags of the Service.

func (*Service) IsSuspended

func (m *Service) IsSuspended() bool

IsSuspended returns whether the Service is suspended.

func (*Service) SetSuspended

func (m *Service) SetSuspended(v bool)

SetSuspended sets the suspended of the Service.

func (*Service) SetTags

func (m *Service) SetTags(v Tags)

SetTags sets the tags of the Service.

type SingleStore

type SingleStore struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The database for healthchecks. Does not affect client requests.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// Whether native auth (mysql_native_password) is used for all connections (for backwards compatibility)
	RequireNativeAuth bool `json:"requireNativeAuth"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// If true, appends the hostname to the username when hitting a database.azure.com address
	UseAzureSingleServerUsernames bool `json:"useAzureSingleServerUsernames"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SingleStore) GetBindInterface

func (m *SingleStore) GetBindInterface() string

GetBindInterface returns the bind interface of the SingleStore.

func (*SingleStore) GetEgressFilter

func (m *SingleStore) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SingleStore.

func (*SingleStore) GetID

func (m *SingleStore) GetID() string

GetID returns the unique identifier of the SingleStore.

func (*SingleStore) GetName

func (m *SingleStore) GetName() string

GetName returns the name of the SingleStore.

func (*SingleStore) GetSecretStoreID

func (m *SingleStore) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SingleStore.

func (*SingleStore) GetTags

func (m *SingleStore) GetTags() Tags

GetTags returns the tags of the SingleStore.

func (*SingleStore) SetBindInterface

func (m *SingleStore) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SingleStore.

func (*SingleStore) SetEgressFilter

func (m *SingleStore) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SingleStore.

func (*SingleStore) SetName

func (m *SingleStore) SetName(v string)

SetName sets the name of the SingleStore.

func (*SingleStore) SetSecretStoreID

func (m *SingleStore) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SingleStore.

func (*SingleStore) SetTags

func (m *SingleStore) SetTags(v Tags)

SetTags sets the tags of the SingleStore.

type SnapshotAccessRequests

type SnapshotAccessRequests interface {
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		AccessRequestIterator,
		error)
}

A SnapshotAccessRequests exposes the read only methods of the AccessRequests service for historical queries.

type SnapshotAccountAttachments

type SnapshotAccountAttachments interface {
	Get(
		ctx context.Context,
		id string) (
		*AccountAttachmentGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		AccountAttachmentIterator,
		error)
}

A SnapshotAccountAttachments exposes the read only methods of the AccountAttachments service for historical queries.

type SnapshotAccountGrants

type SnapshotAccountGrants interface {
	Get(
		ctx context.Context,
		id string) (
		*AccountGrantGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		AccountGrantIterator,
		error)
}

A SnapshotAccountGrants exposes the read only methods of the AccountGrants service for historical queries.

type SnapshotAccountPermissions

type SnapshotAccountPermissions interface {
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		AccountPermissionIterator,
		error)
}

A SnapshotAccountPermissions exposes the read only methods of the AccountPermissions service for historical queries.

type SnapshotAccountResources

type SnapshotAccountResources interface {
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		AccountResourceIterator,
		error)
}

A SnapshotAccountResources exposes the read only methods of the AccountResources service for historical queries.

type SnapshotAccounts

type SnapshotAccounts interface {
	Get(
		ctx context.Context,
		id string) (
		*AccountGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		AccountIterator,
		error)
}

A SnapshotAccounts exposes the read only methods of the Accounts service for historical queries.

type SnapshotApprovalWorkflowApprovers

type SnapshotApprovalWorkflowApprovers interface {
	Get(
		ctx context.Context,
		id string) (
		*ApprovalWorkflowApproverGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		ApprovalWorkflowApproverIterator,
		error)
}

A SnapshotApprovalWorkflowApprovers exposes the read only methods of the ApprovalWorkflowApprovers service for historical queries.

type SnapshotApprovalWorkflowSteps

type SnapshotApprovalWorkflowSteps interface {
	Get(
		ctx context.Context,
		id string) (
		*ApprovalWorkflowStepGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		ApprovalWorkflowStepIterator,
		error)
}

A SnapshotApprovalWorkflowSteps exposes the read only methods of the ApprovalWorkflowSteps service for historical queries.

type SnapshotApprovalWorkflows

type SnapshotApprovalWorkflows interface {
	Get(
		ctx context.Context,
		id string) (
		*ApprovalWorkflowGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		ApprovalWorkflowIterator,
		error)
}

A SnapshotApprovalWorkflows exposes the read only methods of the ApprovalWorkflows service for historical queries.

type SnapshotClient

type SnapshotClient struct {
	// contains filtered or unexported fields
}

func (*SnapshotClient) AccessRequests

func (c *SnapshotClient) AccessRequests() SnapshotAccessRequests

AccessRequests are requests for access to a resource that may match a Workflow.

func (*SnapshotClient) AccountAttachments

func (c *SnapshotClient) AccountAttachments() SnapshotAccountAttachments

AccountAttachments assign an account to a role.

func (*SnapshotClient) AccountGrants

func (c *SnapshotClient) AccountGrants() SnapshotAccountGrants

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

func (*SnapshotClient) AccountPermissions

func (c *SnapshotClient) AccountPermissions() SnapshotAccountPermissions

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

func (*SnapshotClient) AccountResources

func (c *SnapshotClient) AccountResources() SnapshotAccountResources

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

func (*SnapshotClient) Accounts

func (c *SnapshotClient) Accounts() SnapshotAccounts

Accounts are users that have access to strongDM. There are two types of accounts: 1. **Users:** humans who are authenticated through username and password or SSO. 2. **Service Accounts:** machines that are authenticated using a service token. 3. **Tokens** are access keys with permissions that can be used for authentication.

func (*SnapshotClient) ApprovalWorkflowApprovers

func (c *SnapshotClient) ApprovalWorkflowApprovers() SnapshotApprovalWorkflowApprovers

ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

func (*SnapshotClient) ApprovalWorkflowSteps

func (c *SnapshotClient) ApprovalWorkflowSteps() SnapshotApprovalWorkflowSteps

ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

func (*SnapshotClient) ApprovalWorkflows

func (c *SnapshotClient) ApprovalWorkflows() SnapshotApprovalWorkflows

ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

func (*SnapshotClient) Nodes

func (c *SnapshotClient) Nodes() SnapshotNodes

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes: - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers. - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

func (*SnapshotClient) RemoteIdentities

func (c *SnapshotClient) RemoteIdentities() SnapshotRemoteIdentities

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

func (*SnapshotClient) RemoteIdentityGroups

func (c *SnapshotClient) RemoteIdentityGroups() SnapshotRemoteIdentityGroups

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

func (*SnapshotClient) Resources

func (c *SnapshotClient) Resources() SnapshotResources

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

func (*SnapshotClient) RoleResources

func (c *SnapshotClient) RoleResources() SnapshotRoleResources

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

func (*SnapshotClient) Roles

func (c *SnapshotClient) Roles() SnapshotRoles

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

func (*SnapshotClient) SecretStores

func (c *SnapshotClient) SecretStores() SnapshotSecretStores

SecretStores are servers where resource secrets (passwords, keys) are stored.

func (*SnapshotClient) WorkflowApprovers

func (c *SnapshotClient) WorkflowApprovers() SnapshotWorkflowApprovers

WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

func (*SnapshotClient) WorkflowAssignments

func (c *SnapshotClient) WorkflowAssignments() SnapshotWorkflowAssignments

WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

func (*SnapshotClient) WorkflowRoles

func (c *SnapshotClient) WorkflowRoles() SnapshotWorkflowRoles

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

func (*SnapshotClient) Workflows

func (c *SnapshotClient) Workflows() SnapshotWorkflows

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

type SnapshotNodes

type SnapshotNodes interface {
	Get(
		ctx context.Context,
		id string) (
		*NodeGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		NodeIterator,
		error)
}

A SnapshotNodes exposes the read only methods of the Nodes service for historical queries.

type SnapshotRemoteIdentities

type SnapshotRemoteIdentities interface {
	Get(
		ctx context.Context,
		id string) (
		*RemoteIdentityGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		RemoteIdentityIterator,
		error)
}

A SnapshotRemoteIdentities exposes the read only methods of the RemoteIdentities service for historical queries.

type SnapshotRemoteIdentityGroups

type SnapshotRemoteIdentityGroups interface {
	Get(
		ctx context.Context,
		id string) (
		*RemoteIdentityGroupGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		RemoteIdentityGroupIterator,
		error)
}

A SnapshotRemoteIdentityGroups exposes the read only methods of the RemoteIdentityGroups service for historical queries.

type SnapshotResources

type SnapshotResources interface {
	Get(
		ctx context.Context,
		id string) (
		*ResourceGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		ResourceIterator,
		error)
}

A SnapshotResources exposes the read only methods of the Resources service for historical queries.

type SnapshotRoleResources

type SnapshotRoleResources interface {
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		RoleResourceIterator,
		error)
}

A SnapshotRoleResources exposes the read only methods of the RoleResources service for historical queries.

type SnapshotRoles

type SnapshotRoles interface {
	Get(
		ctx context.Context,
		id string) (
		*RoleGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		RoleIterator,
		error)
}

A SnapshotRoles exposes the read only methods of the Roles service for historical queries.

type SnapshotSecretStores

type SnapshotSecretStores interface {
	Get(
		ctx context.Context,
		id string) (
		*SecretStoreGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		SecretStoreIterator,
		error)
}

A SnapshotSecretStores exposes the read only methods of the SecretStores service for historical queries.

type SnapshotWorkflowApprovers

type SnapshotWorkflowApprovers interface {
	Get(
		ctx context.Context,
		id string) (
		*WorkflowApproverGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		WorkflowApproverIterator,
		error)
}

A SnapshotWorkflowApprovers exposes the read only methods of the WorkflowApprovers service for historical queries.

type SnapshotWorkflowAssignments

type SnapshotWorkflowAssignments interface {
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		WorkflowAssignmentIterator,
		error)
}

A SnapshotWorkflowAssignments exposes the read only methods of the WorkflowAssignments service for historical queries.

type SnapshotWorkflowRoles

type SnapshotWorkflowRoles interface {
	Get(
		ctx context.Context,
		id string) (
		*WorkflowRoleGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		WorkflowRoleIterator,
		error)
}

A SnapshotWorkflowRoles exposes the read only methods of the WorkflowRoles service for historical queries.

type SnapshotWorkflows

type SnapshotWorkflows interface {
	Get(
		ctx context.Context,
		id string) (
		*WorkflowGetResponse,
		error)
	List(
		ctx context.Context,
		filter string,
		args ...interface{}) (
		WorkflowIterator,
		error)
}

A SnapshotWorkflows exposes the read only methods of the Workflows service for historical queries.

type Snowflake

type Snowflake struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The schema to provide on authentication.
	Schema string `json:"schema"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Snowflake) GetBindInterface

func (m *Snowflake) GetBindInterface() string

GetBindInterface returns the bind interface of the Snowflake.

func (*Snowflake) GetEgressFilter

func (m *Snowflake) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Snowflake.

func (*Snowflake) GetID

func (m *Snowflake) GetID() string

GetID returns the unique identifier of the Snowflake.

func (*Snowflake) GetName

func (m *Snowflake) GetName() string

GetName returns the name of the Snowflake.

func (*Snowflake) GetSecretStoreID

func (m *Snowflake) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Snowflake.

func (*Snowflake) GetTags

func (m *Snowflake) GetTags() Tags

GetTags returns the tags of the Snowflake.

func (*Snowflake) SetBindInterface

func (m *Snowflake) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Snowflake.

func (*Snowflake) SetEgressFilter

func (m *Snowflake) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Snowflake.

func (*Snowflake) SetName

func (m *Snowflake) SetName(v string)

SetName sets the name of the Snowflake.

func (*Snowflake) SetSecretStoreID

func (m *Snowflake) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Snowflake.

func (*Snowflake) SetTags

func (m *Snowflake) SetTags(v Tags)

SetTags sets the tags of the Snowflake.

type Snowsight

type Snowsight struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// The StrongDM user email to use for healthchecks.
	HealthcheckUsername string `json:"healthcheckUsername"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// The Metadata for your snowflake IDP integration
	SamlMetadata string `json:"samlMetadata"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*Snowsight) GetBindInterface

func (m *Snowsight) GetBindInterface() string

GetBindInterface returns the bind interface of the Snowsight.

func (*Snowsight) GetEgressFilter

func (m *Snowsight) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Snowsight.

func (*Snowsight) GetID

func (m *Snowsight) GetID() string

GetID returns the unique identifier of the Snowsight.

func (*Snowsight) GetName

func (m *Snowsight) GetName() string

GetName returns the name of the Snowsight.

func (*Snowsight) GetSecretStoreID

func (m *Snowsight) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Snowsight.

func (*Snowsight) GetTags

func (m *Snowsight) GetTags() Tags

GetTags returns the tags of the Snowsight.

func (*Snowsight) SetBindInterface

func (m *Snowsight) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Snowsight.

func (*Snowsight) SetEgressFilter

func (m *Snowsight) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Snowsight.

func (*Snowsight) SetName

func (m *Snowsight) SetName(v string)

SetName sets the name of the Snowsight.

func (*Snowsight) SetSecretStoreID

func (m *Snowsight) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Snowsight.

func (*Snowsight) SetTags

func (m *Snowsight) SetTags(v Tags)

SetTags sets the tags of the Snowsight.

type Sybase

type Sybase struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Sybase) GetBindInterface

func (m *Sybase) GetBindInterface() string

GetBindInterface returns the bind interface of the Sybase.

func (*Sybase) GetEgressFilter

func (m *Sybase) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Sybase.

func (*Sybase) GetID

func (m *Sybase) GetID() string

GetID returns the unique identifier of the Sybase.

func (*Sybase) GetName

func (m *Sybase) GetName() string

GetName returns the name of the Sybase.

func (*Sybase) GetSecretStoreID

func (m *Sybase) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Sybase.

func (*Sybase) GetTags

func (m *Sybase) GetTags() Tags

GetTags returns the tags of the Sybase.

func (*Sybase) SetBindInterface

func (m *Sybase) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Sybase.

func (*Sybase) SetEgressFilter

func (m *Sybase) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Sybase.

func (*Sybase) SetName

func (m *Sybase) SetName(v string)

SetName sets the name of the Sybase.

func (*Sybase) SetSecretStoreID

func (m *Sybase) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Sybase.

func (*Sybase) SetTags

func (m *Sybase) SetTags(v Tags)

SetTags sets the tags of the Sybase.

type SybaseIQ

type SybaseIQ struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*SybaseIQ) GetBindInterface

func (m *SybaseIQ) GetBindInterface() string

GetBindInterface returns the bind interface of the SybaseIQ.

func (*SybaseIQ) GetEgressFilter

func (m *SybaseIQ) GetEgressFilter() string

GetEgressFilter returns the egress filter of the SybaseIQ.

func (*SybaseIQ) GetID

func (m *SybaseIQ) GetID() string

GetID returns the unique identifier of the SybaseIQ.

func (*SybaseIQ) GetName

func (m *SybaseIQ) GetName() string

GetName returns the name of the SybaseIQ.

func (*SybaseIQ) GetSecretStoreID

func (m *SybaseIQ) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the SybaseIQ.

func (*SybaseIQ) GetTags

func (m *SybaseIQ) GetTags() Tags

GetTags returns the tags of the SybaseIQ.

func (*SybaseIQ) SetBindInterface

func (m *SybaseIQ) SetBindInterface(v string)

SetBindInterface sets the bind interface of the SybaseIQ.

func (*SybaseIQ) SetEgressFilter

func (m *SybaseIQ) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the SybaseIQ.

func (*SybaseIQ) SetName

func (m *SybaseIQ) SetName(v string)

SetName sets the name of the SybaseIQ.

func (*SybaseIQ) SetSecretStoreID

func (m *SybaseIQ) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the SybaseIQ.

func (*SybaseIQ) SetTags

func (m *SybaseIQ) SetTags(v Tags)

SetTags sets the tags of the SybaseIQ.

type Tag

type Tag struct {
	// The name or key of this tag. Each name can only refer to one value on a tagged entity.
	Name string `json:"name"`
	// The value of this tag.
	Value string `json:"value"`
}

type TagIterator

type TagIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *Tag
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

TagIterator provides read access to a list of Tag. Use it like so:

for iterator.Next() {
    tag := iterator.Value()
    // ...
}

type Tags

type Tags map[string]string

type Teradata

type Teradata struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

func (*Teradata) GetBindInterface

func (m *Teradata) GetBindInterface() string

GetBindInterface returns the bind interface of the Teradata.

func (*Teradata) GetEgressFilter

func (m *Teradata) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Teradata.

func (*Teradata) GetID

func (m *Teradata) GetID() string

GetID returns the unique identifier of the Teradata.

func (*Teradata) GetName

func (m *Teradata) GetName() string

GetName returns the name of the Teradata.

func (*Teradata) GetSecretStoreID

func (m *Teradata) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Teradata.

func (*Teradata) GetTags

func (m *Teradata) GetTags() Tags

GetTags returns the tags of the Teradata.

func (*Teradata) SetBindInterface

func (m *Teradata) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Teradata.

func (*Teradata) SetEgressFilter

func (m *Teradata) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Teradata.

func (*Teradata) SetName

func (m *Teradata) SetName(v string)

SetName sets the name of the Teradata.

func (*Teradata) SetSecretStoreID

func (m *Teradata) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Teradata.

func (*Teradata) SetTags

func (m *Teradata) SetTags(v Tags)

SetTags sets the tags of the Teradata.

type Token

type Token struct {
	// Corresponds to the type of token, e.g. api or admin-token.
	AccountType string `json:"accountType"`
	// The timestamp when the Token will expire.
	Deadline time.Time `json:"deadline"`
	// Duration from token creation to expiration.
	Duration time.Duration `json:"duration"`
	// Unique identifier of the Token.
	ID string `json:"id"`
	// Unique human-readable name of the Token.
	Name string `json:"name"`
	// Permissions assigned to the token, e.g. role:create.
	Permissions []string `json:"permissions"`
	// The timestamp when the Token was last rekeyed.
	Rekeyed time.Time `json:"rekeyed"`
	// Reserved for future use.  Always false for tokens.
	Suspended bool `json:"suspended"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

A Token is an account providing tokenized access for automation or integration use. Tokens include admin tokens, API keys, and SCIM tokens.

func (*Token) GetID

func (m *Token) GetID() string

GetID returns the unique identifier of the Token.

func (*Token) GetTags

func (m *Token) GetTags() Tags

GetTags returns the tags of the Token.

func (*Token) IsSuspended

func (m *Token) IsSuspended() bool

IsSuspended returns whether the Token is suspended.

func (*Token) SetSuspended

func (m *Token) SetSuspended(v bool)

SetSuspended sets the suspended of the Token.

func (*Token) SetTags

func (m *Token) SetTags(v Tags)

SetTags sets the tags of the Token.

type Trino

type Trino struct {
	// The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
	BindInterface string `json:"bindInterface"`
	// The initial database to connect to. This setting does not by itself prevent switching to another database after connecting.
	Database string `json:"database"`
	// A filter applied to the routing logic to pin datasource to nodes.
	EgressFilter string `json:"egressFilter"`
	// True if the datasource is reachable and the credentials are valid.
	Healthy bool `json:"healthy"`
	// The host to dial to initiate a connection from the egress node to this resource.
	Hostname string `json:"hostname"`
	// Unique identifier of the Resource.
	ID string `json:"id"`
	// Unique human-readable name of the Resource.
	Name string `json:"name"`
	// The password to authenticate with.
	Password string `json:"password"`
	// The port to dial to initiate a connection from the egress node to this resource.
	Port int32 `json:"port"`
	// The local port used by clients to connect to this resource.
	PortOverride int32 `json:"portOverride"`
	// ID of the secret store containing credentials for this resource, if any.
	SecretStoreID string `json:"secretStoreId"`
	// Subdomain is the local DNS address.  (e.g. app-prod1 turns into app-prod1.your-org-name.sdm.network)
	Subdomain string `json:"subdomain"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
	// The username to authenticate with.
	Username string `json:"username"`
}

Trino is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*Trino) GetBindInterface

func (m *Trino) GetBindInterface() string

GetBindInterface returns the bind interface of the Trino.

func (*Trino) GetEgressFilter

func (m *Trino) GetEgressFilter() string

GetEgressFilter returns the egress filter of the Trino.

func (*Trino) GetID

func (m *Trino) GetID() string

GetID returns the unique identifier of the Trino.

func (*Trino) GetName

func (m *Trino) GetName() string

GetName returns the name of the Trino.

func (*Trino) GetSecretStoreID

func (m *Trino) GetSecretStoreID() string

GetSecretStoreID returns the secret store id of the Trino.

func (*Trino) GetTags

func (m *Trino) GetTags() Tags

GetTags returns the tags of the Trino.

func (*Trino) SetBindInterface

func (m *Trino) SetBindInterface(v string)

SetBindInterface sets the bind interface of the Trino.

func (*Trino) SetEgressFilter

func (m *Trino) SetEgressFilter(v string)

SetEgressFilter sets the egress filter of the Trino.

func (*Trino) SetName

func (m *Trino) SetName(v string)

SetName sets the name of the Trino.

func (*Trino) SetSecretStoreID

func (m *Trino) SetSecretStoreID(v string)

SetSecretStoreID sets the secret store id of the Trino.

func (*Trino) SetTags

func (m *Trino) SetTags(v Tags)

SetTags sets the tags of the Trino.

type UnknownError

type UnknownError struct {
	// Wrapped is a underlying error.
	Wrapped error
}

UnknownError is a generic wrapper that indicates an unknown internal error in the SDK.

func (*UnknownError) Code

func (e *UnknownError) Code() int

func (*UnknownError) Error

func (e *UnknownError) Error() string

func (*UnknownError) Unwrap

func (e *UnknownError) Unwrap() error

type UpdateResponseMetadata

type UpdateResponseMetadata struct {
}

UpdateResponseMetadata is reserved for future use.

type User

type User struct {
	// The User's email address. Must be unique.
	Email string `json:"email"`
	// External ID is an alternative unique ID this user is represented by within an external service.
	ExternalID string `json:"externalId"`
	// The User's first name.
	FirstName string `json:"firstName"`
	// Unique identifier of the User.
	ID string `json:"id"`
	// The User's last name.
	LastName string `json:"lastName"`
	// Managed By is a read only field for what service manages this user, e.g. StrongDM, Okta, Azure.
	ManagedBy string `json:"managedBy"`
	// PermissionLevel is the user's permission level e.g. admin, DBA, user.
	PermissionLevel string `json:"permissionLevel"`
	// Suspended is a read only field for the User's suspended state.
	Suspended bool `json:"suspended"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

A User can connect to resources they are granted directly, or granted via roles.

func (*User) GetID

func (m *User) GetID() string

GetID returns the unique identifier of the User.

func (*User) GetTags

func (m *User) GetTags() Tags

GetTags returns the tags of the User.

func (*User) IsSuspended

func (m *User) IsSuspended() bool

IsSuspended returns whether the User is suspended.

func (*User) SetSuspended

func (m *User) SetSuspended(v bool)

SetSuspended sets the suspended of the User.

func (*User) SetTags

func (m *User) SetTags(v Tags)

SetTags sets the tags of the User.

type VaultAWSEC2Store added in v8.4.0

type VaultAWSEC2Store struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

VaultAWSEC2Store is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*VaultAWSEC2Store) GetID added in v8.4.0

func (m *VaultAWSEC2Store) GetID() string

GetID returns the unique identifier of the VaultAWSEC2Store.

func (*VaultAWSEC2Store) GetName added in v8.4.0

func (m *VaultAWSEC2Store) GetName() string

GetName returns the name of the VaultAWSEC2Store.

func (*VaultAWSEC2Store) GetTags added in v8.4.0

func (m *VaultAWSEC2Store) GetTags() Tags

GetTags returns the tags of the VaultAWSEC2Store.

func (*VaultAWSEC2Store) SetName added in v8.4.0

func (m *VaultAWSEC2Store) SetName(v string)

SetName sets the name of the VaultAWSEC2Store.

func (*VaultAWSEC2Store) SetTags added in v8.4.0

func (m *VaultAWSEC2Store) SetTags(v Tags)

SetTags sets the tags of the VaultAWSEC2Store.

type VaultAWSIAMStore added in v8.4.0

type VaultAWSIAMStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

VaultAWSIAMStore is currently unstable, and its API may change, or it may be removed, without a major version bump.

func (*VaultAWSIAMStore) GetID added in v8.4.0

func (m *VaultAWSIAMStore) GetID() string

GetID returns the unique identifier of the VaultAWSIAMStore.

func (*VaultAWSIAMStore) GetName added in v8.4.0

func (m *VaultAWSIAMStore) GetName() string

GetName returns the name of the VaultAWSIAMStore.

func (*VaultAWSIAMStore) GetTags added in v8.4.0

func (m *VaultAWSIAMStore) GetTags() Tags

GetTags returns the tags of the VaultAWSIAMStore.

func (*VaultAWSIAMStore) SetName added in v8.4.0

func (m *VaultAWSIAMStore) SetName(v string)

SetName sets the name of the VaultAWSIAMStore.

func (*VaultAWSIAMStore) SetTags added in v8.4.0

func (m *VaultAWSIAMStore) SetTags(v Tags)

SetTags sets the tags of the VaultAWSIAMStore.

type VaultAppRoleCertSSHStore

type VaultAppRoleCertSSHStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA represented in minutes.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// The signing role to be used for signing certificates
	SigningRole string `json:"signingRole"`
	// The mount point of the SSH engine configured with the desired CA
	SshMountPoint string `json:"sshMountPoint"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultAppRoleCertSSHStore) GetID

func (m *VaultAppRoleCertSSHStore) GetID() string

GetID returns the unique identifier of the VaultAppRoleCertSSHStore.

func (*VaultAppRoleCertSSHStore) GetName

func (m *VaultAppRoleCertSSHStore) GetName() string

GetName returns the name of the VaultAppRoleCertSSHStore.

func (*VaultAppRoleCertSSHStore) GetTags

func (m *VaultAppRoleCertSSHStore) GetTags() Tags

GetTags returns the tags of the VaultAppRoleCertSSHStore.

func (*VaultAppRoleCertSSHStore) SetName

func (m *VaultAppRoleCertSSHStore) SetName(v string)

SetName sets the name of the VaultAppRoleCertSSHStore.

func (*VaultAppRoleCertSSHStore) SetTags

func (m *VaultAppRoleCertSSHStore) SetTags(v Tags)

SetTags sets the tags of the VaultAppRoleCertSSHStore.

type VaultAppRoleCertX509Store

type VaultAppRoleCertX509Store struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA in minutes. Recommended value is 5.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The mount point of the PKI engine configured with the desired CA
	PkiMountPoint string `json:"pkiMountPoint"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// The signing role to be used for signing certificates
	SigningRole string `json:"signingRole"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultAppRoleCertX509Store) GetID

func (m *VaultAppRoleCertX509Store) GetID() string

GetID returns the unique identifier of the VaultAppRoleCertX509Store.

func (*VaultAppRoleCertX509Store) GetName

func (m *VaultAppRoleCertX509Store) GetName() string

GetName returns the name of the VaultAppRoleCertX509Store.

func (*VaultAppRoleCertX509Store) GetTags

func (m *VaultAppRoleCertX509Store) GetTags() Tags

GetTags returns the tags of the VaultAppRoleCertX509Store.

func (*VaultAppRoleCertX509Store) SetName

func (m *VaultAppRoleCertX509Store) SetName(v string)

SetName sets the name of the VaultAppRoleCertX509Store.

func (*VaultAppRoleCertX509Store) SetTags

func (m *VaultAppRoleCertX509Store) SetTags(v Tags)

SetTags sets the tags of the VaultAppRoleCertX509Store.

type VaultAppRoleStore

type VaultAppRoleStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultAppRoleStore) GetID

func (m *VaultAppRoleStore) GetID() string

GetID returns the unique identifier of the VaultAppRoleStore.

func (*VaultAppRoleStore) GetName

func (m *VaultAppRoleStore) GetName() string

GetName returns the name of the VaultAppRoleStore.

func (*VaultAppRoleStore) GetTags

func (m *VaultAppRoleStore) GetTags() Tags

GetTags returns the tags of the VaultAppRoleStore.

func (*VaultAppRoleStore) SetName

func (m *VaultAppRoleStore) SetName(v string)

SetName sets the name of the VaultAppRoleStore.

func (*VaultAppRoleStore) SetTags

func (m *VaultAppRoleStore) SetTags(v Tags)

SetTags sets the tags of the VaultAppRoleStore.

type VaultTLSCertSSHStore

type VaultTLSCertSSHStore struct {
	// A path to a CA file accessible by a Node
	CACertPath string `json:"caCertPath"`
	// A path to a client certificate file accessible by a Node
	ClientCertPath string `json:"clientCertPath"`
	// A path to a client key file accessible by a Node
	ClientKeyPath string `json:"clientKeyPath"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA represented in minutes.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// The signing role to be used for signing certificates
	SigningRole string `json:"signingRole"`
	// The mount point of the SSH engine configured with the desired CA
	SshMountPoint string `json:"sshMountPoint"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultTLSCertSSHStore) GetID

func (m *VaultTLSCertSSHStore) GetID() string

GetID returns the unique identifier of the VaultTLSCertSSHStore.

func (*VaultTLSCertSSHStore) GetName

func (m *VaultTLSCertSSHStore) GetName() string

GetName returns the name of the VaultTLSCertSSHStore.

func (*VaultTLSCertSSHStore) GetTags

func (m *VaultTLSCertSSHStore) GetTags() Tags

GetTags returns the tags of the VaultTLSCertSSHStore.

func (*VaultTLSCertSSHStore) SetName

func (m *VaultTLSCertSSHStore) SetName(v string)

SetName sets the name of the VaultTLSCertSSHStore.

func (*VaultTLSCertSSHStore) SetTags

func (m *VaultTLSCertSSHStore) SetTags(v Tags)

SetTags sets the tags of the VaultTLSCertSSHStore.

type VaultTLSCertX509Store

type VaultTLSCertX509Store struct {
	// A path to a CA file accessible by a Node
	CACertPath string `json:"caCertPath"`
	// A path to a client certificate file accessible by a Node
	ClientCertPath string `json:"clientCertPath"`
	// A path to a client key file accessible by a Node
	ClientKeyPath string `json:"clientKeyPath"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA represented in minutes.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The mount point of the PKI engine configured with the desired CA
	PkiMountPoint string `json:"pkiMountPoint"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// The signing role to be used for signing certificates
	SigningRole string `json:"signingRole"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultTLSCertX509Store) GetID

func (m *VaultTLSCertX509Store) GetID() string

GetID returns the unique identifier of the VaultTLSCertX509Store.

func (*VaultTLSCertX509Store) GetName

func (m *VaultTLSCertX509Store) GetName() string

GetName returns the name of the VaultTLSCertX509Store.

func (*VaultTLSCertX509Store) GetTags

func (m *VaultTLSCertX509Store) GetTags() Tags

GetTags returns the tags of the VaultTLSCertX509Store.

func (*VaultTLSCertX509Store) SetName

func (m *VaultTLSCertX509Store) SetName(v string)

SetName sets the name of the VaultTLSCertX509Store.

func (*VaultTLSCertX509Store) SetTags

func (m *VaultTLSCertX509Store) SetTags(v Tags)

SetTags sets the tags of the VaultTLSCertX509Store.

type VaultTLSStore

type VaultTLSStore struct {
	// A path to a CA file accessible by a Node
	CACertPath string `json:"caCertPath"`
	// A path to a client certificate file accessible by a Node
	ClientCertPath string `json:"clientCertPath"`
	// A path to a client key file accessible by a Node
	ClientKeyPath string `json:"clientKeyPath"`
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultTLSStore) GetID

func (m *VaultTLSStore) GetID() string

GetID returns the unique identifier of the VaultTLSStore.

func (*VaultTLSStore) GetName

func (m *VaultTLSStore) GetName() string

GetName returns the name of the VaultTLSStore.

func (*VaultTLSStore) GetTags

func (m *VaultTLSStore) GetTags() Tags

GetTags returns the tags of the VaultTLSStore.

func (*VaultTLSStore) SetName

func (m *VaultTLSStore) SetName(v string)

SetName sets the name of the VaultTLSStore.

func (*VaultTLSStore) SetTags

func (m *VaultTLSStore) SetTags(v Tags)

SetTags sets the tags of the VaultTLSStore.

type VaultTokenCertSSHStore

type VaultTokenCertSSHStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA in minutes. Recommended value is 5.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// The signing role to be used for signing certificates
	SigningRole string `json:"signingRole"`
	// The mount point of the SSH engine configured with the desired CA
	SshMountPoint string `json:"sshMountPoint"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultTokenCertSSHStore) GetID

func (m *VaultTokenCertSSHStore) GetID() string

GetID returns the unique identifier of the VaultTokenCertSSHStore.

func (*VaultTokenCertSSHStore) GetName

func (m *VaultTokenCertSSHStore) GetName() string

GetName returns the name of the VaultTokenCertSSHStore.

func (*VaultTokenCertSSHStore) GetTags

func (m *VaultTokenCertSSHStore) GetTags() Tags

GetTags returns the tags of the VaultTokenCertSSHStore.

func (*VaultTokenCertSSHStore) SetName

func (m *VaultTokenCertSSHStore) SetName(v string)

SetName sets the name of the VaultTokenCertSSHStore.

func (*VaultTokenCertSSHStore) SetTags

func (m *VaultTokenCertSSHStore) SetTags(v Tags)

SetTags sets the tags of the VaultTokenCertSSHStore.

type VaultTokenCertX509Store

type VaultTokenCertX509Store struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// The lifetime of certificates issued by this CA represented in minutes.
	IssuedCertTTLMinutes int32 `json:"issuedCertTtlMinutes"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The mount point of the PKI engine configured with the desired CA
	PkiMountPoint string `json:"pkiMountPoint"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// The signing role to be used for signing certificates
	SigningRole string `json:"signingRole"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultTokenCertX509Store) GetID

func (m *VaultTokenCertX509Store) GetID() string

GetID returns the unique identifier of the VaultTokenCertX509Store.

func (*VaultTokenCertX509Store) GetName

func (m *VaultTokenCertX509Store) GetName() string

GetName returns the name of the VaultTokenCertX509Store.

func (*VaultTokenCertX509Store) GetTags

func (m *VaultTokenCertX509Store) GetTags() Tags

GetTags returns the tags of the VaultTokenCertX509Store.

func (*VaultTokenCertX509Store) SetName

func (m *VaultTokenCertX509Store) SetName(v string)

SetName sets the name of the VaultTokenCertX509Store.

func (*VaultTokenCertX509Store) SetTags

func (m *VaultTokenCertX509Store) SetTags(v Tags)

SetTags sets the tags of the VaultTokenCertX509Store.

type VaultTokenStore

type VaultTokenStore struct {
	// Unique identifier of the SecretStore.
	ID string `json:"id"`
	// Unique human-readable name of the SecretStore.
	Name string `json:"name"`
	// The namespace to make requests within
	Namespace string `json:"namespace"`
	// The URL of the Vault to target
	ServerAddress string `json:"serverAddress"`
	// Tags is a map of key, value pairs.
	Tags Tags `json:"tags"`
}

func (*VaultTokenStore) GetID

func (m *VaultTokenStore) GetID() string

GetID returns the unique identifier of the VaultTokenStore.

func (*VaultTokenStore) GetName

func (m *VaultTokenStore) GetName() string

GetName returns the name of the VaultTokenStore.

func (*VaultTokenStore) GetTags

func (m *VaultTokenStore) GetTags() Tags

GetTags returns the tags of the VaultTokenStore.

func (*VaultTokenStore) SetName

func (m *VaultTokenStore) SetName(v string)

SetName sets the name of the VaultTokenStore.

func (*VaultTokenStore) SetTags

func (m *VaultTokenStore) SetTags(v Tags)

SetTags sets the tags of the VaultTokenStore.

type Workflow

type Workflow struct {
	// AccessRules is a list of access rules defining the resources this Workflow provides access to.
	AccessRules AccessRules `json:"accessRules"`
	// Optional approval flow ID identifies an approval flow that linked to the workflow
	ApprovalFlowID string `json:"approvalFlowId"`
	// Optional auto grant setting to automatically approve requests or not, defaults to false.
	AutoGrant bool `json:"autoGrant"`
	// Optional description of the Workflow.
	Description string `json:"description"`
	// Optional enabled state for workflow. This setting may be overridden by the system if
	// the workflow doesn't meet the requirements to be enabled or if other conditions prevent
	// enabling the workflow. The requirements to enable a workflow are that the workflow must be
	// either set up for with auto grant enabled or have one or more WorkflowApprovers created for
	// the workflow.
	Enabled bool `json:"enabled"`
	// Unique identifier of the Workflow.
	ID string `json:"id"`
	// Unique human-readable name of the Workflow.
	Name string `json:"name"`
	// Optional weight for workflow to specify it's priority in matching a request.
	Weight int64 `json:"weight"`
}

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either but automatic approval or a set of users authorized to approve the requests.

type WorkflowApprover

type WorkflowApprover struct {
	// The approver account id.
	AccountID string `json:"accountId"`
	// Unique identifier of the WorkflowApprover.
	ID string `json:"id"`
	// The approver role id
	RoleID string `json:"roleId"`
	// The workflow id.
	WorkflowID string `json:"workflowId"`
}

WorkflowApprover is an account or a role with the ability to approve requests bound to a workflow.

type WorkflowApproverGetResponse

type WorkflowApproverGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested WorkflowApprover.
	WorkflowApprover *WorkflowApprover `json:"workflowApprover"`
}

WorkflowApproverGetResponse returns a requested WorkflowApprover.

type WorkflowApproverHistory

type WorkflowApproverHistory struct {
	// The unique identifier of the Activity that produced this change to the WorkflowApprover.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this WorkflowApprover was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the WorkflowApprover state was recorded.
	Timestamp time.Time `json:"timestamp"`
	// The complete WorkflowApprover state at this time.
	WorkflowApprover *WorkflowApprover `json:"workflowApprover"`
}

WorkflowApproverHistory provides records of all changes to the state of a WorkflowApprover.

type WorkflowApproverHistoryIterator

type WorkflowApproverHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowApproverHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowApproverHistoryIterator provides read access to a list of WorkflowApproverHistory. Use it like so:

for iterator.Next() {
    workflowApproverHistory := iterator.Value()
    // ...
}

type WorkflowApproverIterator

type WorkflowApproverIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowApprover
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowApproverIterator provides read access to a list of WorkflowApprover. Use it like so:

for iterator.Next() {
    workflowApprover := iterator.Value()
    // ...
}

type WorkflowApprovers

type WorkflowApprovers struct {
	// contains filtered or unexported fields
}

WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

func (*WorkflowApprovers) Create

func (svc *WorkflowApprovers) Create(
	ctx context.Context,
	workflowApprover *WorkflowApprover) (
	*WorkflowApproversCreateResponse,
	error)

Create creates a new workflow approver

func (*WorkflowApprovers) Delete

Delete deletes a workflow approver

func (*WorkflowApprovers) Get

Get reads one workflow approver by ID.

func (*WorkflowApprovers) List

func (svc *WorkflowApprovers) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowApproverIterator,
	error)

Lists existing workflow approvers.

type WorkflowApproversCreateRequest

type WorkflowApproversCreateRequest struct {
	// Parameters to define the new WorkflowApprover.
	WorkflowApprover *WorkflowApprover `json:"workflowApprover"`
}

WorkflowApproversCreateRequest specifies the workflowID and approverID of a new workflow approver to be created.

type WorkflowApproversCreateResponse

type WorkflowApproversCreateResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created workflow approver.
	WorkflowApprover *WorkflowApprover `json:"workflowApprover"`
}

WorkflowApproversCreateResponse reports how the WorkflowApprover was created in the system.

type WorkflowApproversDeleteRequest

type WorkflowApproversDeleteRequest struct {
	// The unique identifier of the WorkflowApprover to delete.
	ID string `json:"id"`
}

WorkflowApproversDeleteRequest specifies the ID of a WorkflowApprover to be deleted.

type WorkflowApproversDeleteResponse

type WorkflowApproversDeleteResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowApproversDeleteResponse reports how the WorkflowApprover was deleted in the system.

type WorkflowApproversHistory

type WorkflowApproversHistory struct {
	// contains filtered or unexported fields
}

WorkflowApproversHistory provides records of all changes to the state of a WorkflowApprover.

func (*WorkflowApproversHistory) List

func (svc *WorkflowApproversHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowApproverHistoryIterator,
	error)

List gets a list of WorkflowApproversHistory records matching a given set of criteria.

type WorkflowApproversListRequest

type WorkflowApproversListRequest struct {
	// A human-readable filter query string.
	Filter string `json:"filter"`
}

WorkflowApproversListRequest specifies criteria for retrieving a list of WorkflowApprover records

type WorkflowApproversListResponse

type WorkflowApproversListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowApproversListResponse returns a list of WorkflowApprover records that meet the criteria of a WorkflowApproversListRequest.

type WorkflowAssignment

type WorkflowAssignment struct {
	// The resource id.
	ResourceID string `json:"resourceId"`
	// The workflow id.
	WorkflowID string `json:"workflowId"`
}

WorkflowAssignment links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

type WorkflowAssignmentHistory

type WorkflowAssignmentHistory struct {
	// The unique identifier of the Activity that produced this change to the WorkflowAssignment.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this WorkflowAssignment was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the WorkflowAssignment state was recorded.
	Timestamp time.Time `json:"timestamp"`
	// The complete WorkflowAssignment state at this time.
	WorkflowAssignment *WorkflowAssignment `json:"workflowAssignment"`
}

WorkflowAssignmentsHistory provides records of all changes to the state of a WorkflowAssignment.

type WorkflowAssignmentHistoryIterator

type WorkflowAssignmentHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowAssignmentHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowAssignmentHistoryIterator provides read access to a list of WorkflowAssignmentHistory. Use it like so:

for iterator.Next() {
    workflowAssignmentHistory := iterator.Value()
    // ...
}

type WorkflowAssignmentIterator

type WorkflowAssignmentIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowAssignment
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowAssignmentIterator provides read access to a list of WorkflowAssignment. Use it like so:

for iterator.Next() {
    workflowAssignment := iterator.Value()
    // ...
}

type WorkflowAssignments

type WorkflowAssignments struct {
	// contains filtered or unexported fields
}

WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

func (*WorkflowAssignments) List

func (svc *WorkflowAssignments) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowAssignmentIterator,
	error)

Lists existing workflow assignments.

type WorkflowAssignmentsHistory

type WorkflowAssignmentsHistory struct {
	// contains filtered or unexported fields
}

WorkflowAssignmentsHistory provides records of all changes to the state of a WorkflowAssignment.

func (*WorkflowAssignmentsHistory) List

func (svc *WorkflowAssignmentsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowAssignmentHistoryIterator,
	error)

List gets a list of WorkflowAssignmentsHistory records matching a given set of criteria.

type WorkflowAssignmentsListRequest

type WorkflowAssignmentsListRequest struct {
	// A human-readable filter query string.
	Filter string `json:"filter"`
}

WorkflowAssignmentsListRequest specifies criteria for retrieving a list of WorkflowAssignment records

type WorkflowAssignmentsListResponse

type WorkflowAssignmentsListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowAssignmentsListResponse returns a list of WorkflowAssignment records that meet the criteria of a WorkflowAssignmentsListRequest.

type WorkflowCreateResponse

type WorkflowCreateResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created workflow.
	Workflow *Workflow `json:"workflow"`
}

WorkflowCreateResponse reports how the Workflow was created in the system.

type WorkflowDeleteResponse

type WorkflowDeleteResponse struct {
	// The deleted workflow id.
	ID string `json:"id"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowDeleteResponse returns information about a Workflow that was deleted.

type WorkflowGetResponse

type WorkflowGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested Workflow.
	Workflow *Workflow `json:"workflow"`
}

WorkflowGetResponse returns a requested Workflow.

type WorkflowHistory

type WorkflowHistory struct {
	// The unique identifier of the Activity that produced this change to the Workflow.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this Workflow was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the Workflow state was recorded.
	Timestamp time.Time `json:"timestamp"`
	// The complete Workflow state at this time.
	Workflow *Workflow `json:"workflow"`
}

WorkflowsHistory provides records of all changes to the state of a Workflow.

type WorkflowHistoryIterator

type WorkflowHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowHistoryIterator provides read access to a list of WorkflowHistory. Use it like so:

for iterator.Next() {
    workflowHistory := iterator.Value()
    // ...
}

type WorkflowIterator

type WorkflowIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *Workflow
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowIterator provides read access to a list of Workflow. Use it like so:

for iterator.Next() {
    workflow := iterator.Value()
    // ...
}

type WorkflowListResponse

type WorkflowListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowListResponse returns a list of Workflow records that meet the criteria of a WorkflowListRequest.

type WorkflowRole

type WorkflowRole struct {
	// Unique identifier of the WorkflowRole.
	ID string `json:"id"`
	// The role id.
	RoleID string `json:"roleId"`
	// The workflow id.
	WorkflowID string `json:"workflowId"`
}

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

type WorkflowRoleGetResponse

type WorkflowRoleGetResponse struct {
	// Reserved for future use.
	Meta *GetResponseMetadata `json:"meta"`
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The requested WorkflowRole.
	WorkflowRole *WorkflowRole `json:"workflowRole"`
}

WorkflowRoleGetResponse returns a requested WorkflowRole.

type WorkflowRoleHistory

type WorkflowRoleHistory struct {
	// The unique identifier of the Activity that produced this change to the WorkflowRole.
	// May be empty for some system-initiated updates.
	ActivityID string `json:"activityId"`
	// If this WorkflowRole was deleted, the time it was deleted.
	DeletedAt time.Time `json:"deletedAt"`
	// The time at which the WorkflowRole state was recorded.
	Timestamp time.Time `json:"timestamp"`
	// The complete WorkflowRole state at this time.
	WorkflowRole *WorkflowRole `json:"workflowRole"`
}

WorkflowRolesHistory provides records of all changes to the state of a WorkflowRole

type WorkflowRoleHistoryIterator

type WorkflowRoleHistoryIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowRoleHistory
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowRoleHistoryIterator provides read access to a list of WorkflowRoleHistory. Use it like so:

for iterator.Next() {
    workflowRoleHistory := iterator.Value()
    // ...
}

type WorkflowRoleIterator

type WorkflowRoleIterator interface {
	// Next advances the iterator to the next item in the list. It returns
	// true if an item is available to retrieve via the `Value()` function.
	Next() bool
	// Value returns the current item, if one is available.
	Value() *WorkflowRole
	// Err returns the first error encountered during iteration, if any.
	Err() error
}

WorkflowRoleIterator provides read access to a list of WorkflowRole. Use it like so:

for iterator.Next() {
    workflowRole := iterator.Value()
    // ...
}

type WorkflowRoles

type WorkflowRoles struct {
	// contains filtered or unexported fields
}

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

func (*WorkflowRoles) Create

func (svc *WorkflowRoles) Create(
	ctx context.Context,
	workflowRole *WorkflowRole) (
	*WorkflowRolesCreateResponse,
	error)

Create creates a new workflow role

func (*WorkflowRoles) Delete

Delete deletes a workflow role

func (*WorkflowRoles) Get

Get reads one workflow role by ID.

func (*WorkflowRoles) List

func (svc *WorkflowRoles) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowRoleIterator,
	error)

Lists existing workflow roles.

type WorkflowRolesCreateRequest

type WorkflowRolesCreateRequest struct {
	// Parameters to define the new WorkflowRole.
	WorkflowRole *WorkflowRole `json:"workflowRole"`
}

WorkflowRolesCreateRequest specifies the workflowID and roleID of a new workflow role to be created.

type WorkflowRolesCreateResponse

type WorkflowRolesCreateResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The created workflow role.
	WorkflowRole *WorkflowRole `json:"workflowRole"`
}

WorkflowRolesCreateResponse reports how the WorkflowRole was created in the system.

type WorkflowRolesDeleteRequest

type WorkflowRolesDeleteRequest struct {
	// The unique identifier of the WorkflowRole to delete.
	ID string `json:"id"`
}

WorkflowRolesDeleteRequest specifies the ID of a WorkflowRole to be deleted.

type WorkflowRolesDeleteResponse

type WorkflowRolesDeleteResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowRolesDeleteResponse reports how the WorkflowRole was deleted in the system.

type WorkflowRolesHistory

type WorkflowRolesHistory struct {
	// contains filtered or unexported fields
}

WorkflowRolesHistory provides records of all changes to the state of a WorkflowRole

func (*WorkflowRolesHistory) List

func (svc *WorkflowRolesHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowRoleHistoryIterator,
	error)

List gets a list of WorkflowRolesHistory records matching a given set of criteria.

type WorkflowRolesListRequest

type WorkflowRolesListRequest struct {
	// A human-readable filter query string.
	Filter string `json:"filter"`
}

WorkflowRolesListRequest specifies criteria for retrieving a list of WorkflowRole records

type WorkflowRolesListResponse

type WorkflowRolesListResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
}

WorkflowRolesListResponse returns a list of WorkflowRole records that meet the criteria of a WorkflowRolesListRequest.

type WorkflowUpdateResponse

type WorkflowUpdateResponse struct {
	// Rate limit information.
	RateLimit *RateLimitMetadata `json:"rateLimit"`
	// The updated workflow.
	Workflow *Workflow `json:"workflow"`
}

WorkflowUpdateResponse returns the fields of a Workflow after it has been updated by a WorkflowUpdateRequest.

type Workflows

type Workflows struct {
	// contains filtered or unexported fields
}

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

func (*Workflows) Create

func (svc *Workflows) Create(
	ctx context.Context,
	workflow *Workflow) (
	*WorkflowCreateResponse,
	error)

Create creates a new workflow and requires a name for the workflow.

func (*Workflows) Delete

func (svc *Workflows) Delete(
	ctx context.Context,
	id string) (
	*WorkflowDeleteResponse,
	error)

Delete deletes an existing workflow.

func (*Workflows) Get

func (svc *Workflows) Get(
	ctx context.Context,
	id string) (
	*WorkflowGetResponse,
	error)

Get reads one workflow by ID.

func (*Workflows) List

func (svc *Workflows) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowIterator,
	error)

Lists existing workflows.

func (*Workflows) Update

func (svc *Workflows) Update(
	ctx context.Context,
	workflow *Workflow) (
	*WorkflowUpdateResponse,
	error)

Update updates an existing workflow.

type WorkflowsHistory

type WorkflowsHistory struct {
	// contains filtered or unexported fields
}

WorkflowsHistory provides records of all changes to the state of a Workflow.

func (*WorkflowsHistory) List

func (svc *WorkflowsHistory) List(
	ctx context.Context,
	filter string,
	args ...interface{}) (
	WorkflowHistoryIterator,
	error)

List gets a list of WorkflowHistory records matching a given set of criteria.

Directories

Path Synopsis
internal
v1

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL